Fitness Depot hit by data breach after ISP fails to ‘activate the antivirus’
Sergiu Gatlan reports that Canadian retailer Fitness Depot has disclosed a breach of their e-commerce platform that affected consumers’ personal and financial information.
Based on the info in the breach notification letter the company sent to all potentially impacted individuals, the attack has all the signs of a textbook Magecart attack where the threat actors were able to compromise Fitness Depot’s online store and inject a malicious form designed to harvest and exfiltrate customer information.
Read more on BleepingComputer.
NextB123 - June 6, 2020
Thank you for posting about this. I was one of many who was affected by this breach. I’ve spoken to my lawyer and he mentioned that if we can get atleast 12 signatures we can proceed with a class action lawsuit against Fitness Depot. I’ve started a petition for all those who were affected, please sign if you were affected.
[url removed by DataBreaches.net — this site cannot be used to recruit people for lawsuits.]