1.8 Million customers of four sports gear sites impacted by credit cards breach

A cyber attack hit four affiliated online sports gear sites and resulted in the theft of credit cards for 1,813,224 customers.

Threat actors have stolen credit cards belonging to 1,813,224 customers of four affiliated online sports gear sites.

Below are the affected websites:

• Tackle Warehouse LLC (tacklewarehouse.com) – Fishing gear
• Running Warehouse LLC (runningwarehouse.com) – Running apparel
• Tennis Warehouse LCC (tennis-warehouse.com) – Tennis apparel
• Skate Warehouse LLC (skatewarehouse.com) – Skateboards and skating apparel

According to the law firm representing the four websites, the security breach took place on October 1st, 2021, but the websites discovered it on October 15. The attackers had access to the personal information and credit card information of the customers, including full CVV.

On November 29, 2021, the company confirmed that the personal and financial data of its customers were stolen, including

• Full name
• Financial account number
• Credit card number (with CVV)
• Debit card number (with CVV)
• Website account password

On December 16th, 2021 the four websites notified the affected customers. At this time the sites have yet to disclose the cause of the security breach.

Impacted users are recommended to monitor their bank account and credit card statements, and immediately report any suspicious transactions.

The bad and surprising news is that the website are not offering an identity protection service to the impacted customers.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, credit cards)

[adrotate banner=”5″]

[adrotate banner=”13″]