Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label payment card data. Show all posts
ZAGG
BigCommerce Credit Card Theft Data Breach e-commerce security FreshClick app payment card data ZAGG

ZAGG Inc. Data Breach Compromises Customer Payment Information

 


ZAGG Inc., a leading manufacturer of mobile accessories such as screen protectors, phone cases, and power banks, recently alerted customers about a data breach that compromised payment information. The breach occurred due to hackers infiltrating a third-party app, FreshClick, available through the BigCommerce platform.

"We learned that an unknown actor injected into the FreshClick app malicious code that was designed to scrape credit card data entered as part of the checkout process for certain ZAGG.com customer transactions between October 26, 2024, and November 7, 2024,” ZAGG stated in its notification to affected individuals.

BigCommerce Responds

BigCommerce, an Austin-based SaaS e-commerce platform, confirmed that its systems were not directly compromised. In a statement to BleepingComputer, the company explained, “Using our internal tools and in communication with the partner, we verified the third-party FreshClick app was compromised. Acting in the best interest of our customers and their shoppers, we immediately uninstalled the app in their stores, which removed any compromised APIs and malicious code.”

The FreshClick app, designed to enhance e-commerce functionality and customer experience, was exploited by malicious actors who stole sensitive shopper information, including:

  • Personal Details: Names and addresses.
  • Payment Information: Credit card data entered during the checkout process.

ZAGG’s Mitigation Measures

In response to the breach, ZAGG has implemented several remediation measures, including notifying law enforcement and offering impacted customers 12 months of complimentary credit monitoring through Experian. Customers are encouraged to:

  • Monitor financial accounts for unauthorized transactions.
  • Place fraud alerts on their credit reports.
  • Consider implementing a credit freeze for added protection.

Scope of the Breach

The company has not yet disclosed the total number of customers affected by the breach. However, it has assured its customers that steps are being taken to enhance security and prevent similar incidents in the future.

This incident underscores the vulnerabilities associated with third-party integrations in e-commerce platforms. ZAGG’s proactive measures, along with BigCommerce’s swift response in removing the compromised app, highlight the importance of collaboration in addressing cybersecurity threats and protecting customer data.

Read more »
Subscribe to: Posts (Atom)