North Carolina-based LC Industries, Inc., which operates the Tactical Assault Gear website, is notifying thousands of customers that malware discovered on the website was being used to gain access to personal information.
How many victims? 3,754.
What type of personal information? Names, email addresses, website account usernames, passwords, credit card numbers, security codes, and expiration dates.
What happened? Malware discovered on the Tactical Assault Gear website was being used to gain access to personal information.
What was the response? The website was shut down, the malware was removed, and security has been enhanced. An investigation is ongoing. All potentially affected individuals are being notified.
Details: The malware was discovered on or about June 2. The website was shut down, the malware was removed, security was enhanced, and the site was brought back online on June 13. That same day, a second instance of malware was identified, but before additional customer information was compromised. The site was shut down again, the malware was removed, additional security measures were implemented, and the site was brought back online on June 16.
LC Industries has reason to believe that there have been attempts to misuse the compromised information of certain customers.
Quote: “We have discovered that there was an intrusion into our servers that runs the website that may have compromised personal information about you,” a notification letter said.
Source: doj.nh.gov, “Data Incident Notification,” June 17, 2015.