Fraudulent activity was noticed in the first half of 2019, but the company did not reveal the number of compromised accounts on their website. Even this way, it is known that California law oblige security breach notices only if the incident affects more than 500 residents.
Besides the compromised email addresses and passwords, there is a possibility that additional information stored on the account may have been accessed. This includes the last four digits of credit card numbers, expiration dates, card types, billing addresses, order number and shipping confirmation numbers, along with order status.
To minimise the damages, the company disabled the accounts marked with suspicious activity, and asked users to reset their login passwords.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now