Garmin SA sent notification emails to its customers and recommended them to review and monitor all their payment card records for any unauthorised purchases. Affected customers who received the data security incident notification are also urged to reach out to their bank or payment card providers if they see or suspect any fraud.
The compromised data was limited to only Garmin’s South Africa site, and contained payment information, including the number, expiration date and CVV code for users payment card, along with first and last name, physical address, phone number and email address.
While the cause of the breach is not mentioned in the notification email to the impacted Garmin SA customers, there are signs that the shop.garmin.co.za portal was the victim of a Magecart group, according to BleepingComputer. Seeing that the portal runs on a Magento CMS there is a high probability that the Garmin SA customers data was harvested with the help of a payment card skimmer embedded on the sites payment page.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. If you see a comment that you believe is inappropriate to the discussion, you can bring it to our attention by using the report abuse links. As the comments are written and submitted by visitors of the The Paypers website, they in no way represent the opinion of The Paypers.