The Concord-based wine and liquor chain says someone gained access to its website and installed a malicious code that captured payment information. It may have affected online orders made between August 2 and September 26.
BevMo began notifying customers last week.