1. Forum
  2. TQWNet
  3. TQW GENTECH

  • Zagg warns customers their data may have been stolen in third-par

    From TechnologyDaily@1337:1/100 to All on Monday, December 30, 2024 13:15:05
    Zagg warns customers their data may have been stolen in third-party cyberattack

    Date:
    Mon, 30 Dec 2024 13:06:00 +0000

    Description:
    A third-party company used indirectly by Zagg has resulted in sensitive customer information being exposed.

    FULL STORY ======================================================================An attack on FreshClick has exposed customer payment details and more The extension is used by Zaggs ecommerce provider, BigCommerce Affected customers are getting free credit monitoring for a year

    Zagg has notified affected customers of a data breach that put highly sensitive information at risk, including payment card details.

    In a letter dated December 26, 2024 (via the Office of the Maine Attorney General ), the company confirmed a 12-day-long attack between October 26 and November 7, which it became aware of one day later on November 8.

    The problem stems from an attack on FreshClick, a third-party application
    used by Zaggs ecommerce software platform provider BigCommerce. Zagg confirms cyberattack

    We learned that an unknown actor injected into the FreshClick app malicious code that was designed to scrape credit card data entered as part of the checkout process for certain ZAGG.com customer transactions between October 26, 2024 and November 7, 2024," the company confirmed.

    Names, shipping and billing addresses, and payment card information could be at risk as a result.

    In recognition of the severity of the attack, Zagg is giving affected customers 12 months access to credit monitoring through Experian. Its also urging customers to monitor their financial accounts, place fraud alerts and consider credit freezes to prevent identity theft.

    BigCommerce said (via Bleeping Computer ): Acting in the best interest of our customers and their shoppers, we immediately uninstalled the app in their stores, which removed any compromised APIs and malicious code.

    Basic internet hygiene principles like being cautious about sharing certain information and following potentially malicious links go a long way to protecting consumers against potential attacks, however when an attack
    affects a third-party service such as this, theres very little that consumers can do, highlighting the widespread risks of online activity.

    Apologizing for the inconvenience, Zagg has established a dedicated phone
    line for concerned customers to seek further answers and advice. You might also like Weve listed the best identity theft protection Check out the best privacy tools and anonymous browsers Third-party data breaches have become a major security concern



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/zagg-warns-customers-their-data-may-hav e-been-stolen-in-third-party-cyberattack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)