ZAGG Inc., a prominent mobile accessories manufacturer, has notified customers about a significant data breach affecting credit card transactions between October 26 and November 7, 2024. The breach occurred through a third-party payment processing application called FreshClick, which was integrated into their e-commerce platform powered by BigCommerce.
According to the company's official communication, an "unknown actor" successfully injected malicious code into the FreshClick app, and that code was designed to scrape credit card information during the checkout process on ZAGG.com. This sophisticated cyber attack potentially exposed customers' sensitive financial data, including names, addresses, and payment card details.
BigCommerce, the e-commerce platform provider, confirmed that their core systems were not compromised. They immediately took action by uninstalling the FreshClicks App from their customers' stores, effectively removing the malicious APIs and code that enabled the data theft.
The breach was first discovered on November 8, 2024, when BigCommerce's internal security tools detected the unauthorized intrusion. ZAGG promptly initiated an investigation and implemented a comprehensive response strategy to mitigate potential damages to their customers.
As part of their remediation efforts, ZAGG has arranged for affected individuals to receive complimentary identity protection services. Specifically, customers will be provided with 12 months of free credit monitoring through Experian IdentityWorks. The company has also notified federal law enforcement and regulatory authorities about the incident.
Customers impacted by this data breach are advised to take several protective measures. These include closely monitoring their financial account activities, placing fraud alerts with credit bureaus, and considering a credit freeze to prevent potential unauthorized credit applications.
While ZAGG has not yet disclosed the total number of customers affected by the breach, they have been transparent about the incident and are committed to supporting customers through this challenging situation. The company emphasized the importance of customer data protection and has pledged to enhance its security protocols to prevent similar incidents in the future.
BigCommerce has stressed that the compromise originated from a third-party application in their marketplace and not from a vulnerability within their platform. They continue to work closely with app developers to ensure the security of their ecosystem.
Customers with questions or concerns about the data breach can contact ZAGG's dedicated support channels or reach out to Experian for additional guidance on protecting their personal and financial information.
Anthony Denis is a Security News Reporter with a Bachelor's in Business Computer Application. Drawing from a decade of digital media marketing experience and two years of freelance writing, he brings technical expertise to cybersecurity journalism. His background in IT, content creation, and social media management enables him to deliver complex security topics with clarity and insight.