Blundstone U.S.A. recently experienced a security breach that may have compromised customers’ personal information. The incident occurred between July 7, 2024, and August 14, 2024, when an unauthorized third party exploited a vulnerability in the Adobe Commerce platform, which powers Blundstone’s e-commerce website. This vulnerability allowed the third party to install malicious code on the platform, creating a duplicate checkout page. The fraudulent page collected sensitive information, including customer names, addresses, phone numbers, and payment card details, such as credit card numbers, expiration dates, and CVV codes.
Upon discovering the breach on August 15, 2024, Blundstone immediately took steps to secure its systems and remove the malicious code. The company worked with a leading cybersecurity firm and legal experts to investigate the incident and address the vulnerability. Additionally, Blundstone applied necessary security patches to the Adobe Commerce platform to prevent further exploitation of the vulnerability and has implemented additional technical practices to safeguard against similar incidents in the future.
Blundstone has recommended that customers remain vigilant against potential fraud or identity theft by monitoring their online accounts, financial accounts, and credit reports for any suspicious activity. If any unusual activity is noticed, individuals are urged to contact the companies that maintain the affected accounts. The company has also provided additional information and resources to help customers protect their personal data and avoid identity theft.
Blundstone expressed deep regret over the incident and reassured customers that it is committed to improving its security measures to prevent similar breaches from occurring in the future. The company remains focused on enhancing its security practices to protect customer data and ensure such incidents do not happen again.
Reference:
