Saturday, November 16, 2019
  • Derbycon2019, Thomas Reed’s ‘Incident Response On macOS’
  • XKCD, Machine Learning Captcha
  • Derbycon2019, Wim Remes’ ‘Product Security Shouldn’t Be Painful’
  • JumpCloud MSP Program – How to Make Money
  • Robert M. Lee’s & Jeff Hass’ Little Bobby Comics ‘Why AI Doesn’t Work For Security’

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security SBN News Security Bloggers Network 

Home » Cybersecurity » Data Security » Kathmandu Notifies Customers of Security Incident Involving Its Website

Kathmandu Notifies Customers of Security Incident Involving Its Website

by David Bisson on March 13, 2019

Outdoor apparel and equipment retail chain Kathmandu said it’s in the process of notifying customers about a security incident involving its website.

On 13 March, Kathmandu released a notification disclosing how the company became aware of the security incident between 8 January and 12 February. At some point during that time, an unauthorized third party gained access to the retail chain’s website. Those bad actors then might have abused their unauthorized access to steal customers’ personal information and/or payment details as they completed their online orders.

According to its statement, Kathmandu responded by enlisting the help of IT and digital security experts to investigate the incident and determine how many customers it might have affected. It used these individuals’ expertise to improve the security of its website and confirm that the incident had not affected its wider IT environment.

Xavier Simonet, CEO of Kathmandu, explains in the notice that the company is still in the process of responding to the incident:

Whilst the independent forensic investigation is ongoing, we are notifying customers and relevant authorities as soon as practicable. As a company, Kathmandu takes the privacy of customer data extremely seriously and we unreservedly apologise to any customers who may have been impacted.

Customers who believe they were victims of the security event should contact their banks and/or credit card providers to discuss their options, including whether they should put a security freeze on their credit reports.

Kathmandu’s statement doesn’t provide insight into how the digital attackers gained unauthorized access to the company website. It also doesn’t illuminate whether it’ll be providing affected customers with complementary access to identity theft protection services.

This security incident follows just a few months after OXO International Ltd, a manufacturer of kitchen utensils, office supplies and housewares, disclosed of a data breach involving customer (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/kathmandu-notifies-customers-of-security-incident-involving-its-website/

March 13, 2019March 13, 2019 David Bisson IT Security and Data Protection, Kathmandu, Latest Security News, security, website
  • ← Clinic hit by ransomware recovers in hours thanks to solid incident response plan
  • Judging Facebook’s Privacy Shift →
Featured Blog

Enzoic

Firm Cybersecurity: Professional Services Firms are Vulnerable Targets

Enzoic

Automate Password Policy & NIST Password Guidelines

Enzoic

Why Biometric Authentication is Just Part of the Security Puzzle

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

How Gamification Can Improve Enterprise Cybersecurity Posture
Google Slurps 150 Hospitals’ Patient Data With No Consent
CloudVector Unveils Platform for Securing APIs
Report Underscores Growing Awareness of Application Security
Twitter and the Saudi Computer Crime – Or Was It?
Facebook App for iOS Caught Accessing Camera in Background
Multi-Stream Cybersecurity and How it Can Save Your Business from a Zero-Day Attack
10 Statistics that Summarize the State of Cybersecurity in Financial Services
Data Breach Fines: Are They Working to Boost Consumer Safety?
Cybersecurity Field Must More Than Double Qualified Staff to Meet Market Needs, Survey Shows

Upcoming Webinars

Mon 18

Scaling DevSecOps

November 18 @ 1:00 pm - 2:00 pm
Tue 19

SAP Concur’s Cloud Journey

November 19 @ 1:00 pm - 2:00 pm
Dec 09

Cloud Security – Keeping Serverless Data Safe

December 9 @ 11:00 am - 12:00 pm
Dec 10

Securing Mobile Apps, From the Inside Out

December 10 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Open Source Security: Weighing the Pros and Cons

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Phishing Increasingly Targets SaaS, Webmail
Cybersecurity Industry Spotlight Security Boulevard (Original) Social Engineering 

Phishing Increasingly Targets SaaS, Webmail

November 15, 2019 Dean Coclin | Yesterday 0
Network Infrastructure Security: An Underserved Market
Cybersecurity Industry Spotlight Network Security Security Boulevard (Original) 

Network Infrastructure Security: An Underserved Market

November 14, 2019 Thomas Carnevale | 2 days ago 0
Business Espionage: Security Threats for Small-Business Owners
Cybersecurity Industry Spotlight Security Awareness Security Boulevard (Original) 

Business Espionage: Security Threats for Small-Business Owners

November 13, 2019 Tony Tomov | 3 days ago 0

Top Stories

Report: Retail Sector Under Cybersecurity Siege
Cybersecurity Featured Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

Report: Retail Sector Under Cybersecurity Siege

November 15, 2019 Michael Vizard | Yesterday 0
1Password Secures $200M in Series A Funding, Heads for the Enterprise
Cybersecurity Featured Identity & Access News Security Boulevard (Original) Spotlight 

1Password Secures $200M in Series A Funding, Heads for the Enterprise

November 15, 2019 Frank Ohlhorst | Yesterday 0
TPM-FAIL: Intel and STMicro ‘Fix’ 26-Year-Old Vulnerability
Application Security Cybersecurity Data Security Featured Mobile Security News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

TPM-FAIL: Intel and STMicro ‘Fix’ 26-Year-Old Vulnerability

November 14, 2019 Richi Jennings | 2 days ago 0

Security Humor

via   the comic delivery system monikered  Randall Munroe  at  XKCD !

XKCD, Machine Learning Captcha

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.