Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
- An attack on FreshClick exposed customer payment details and more
- The extension is used by Zagg’s ecommerce provider, BigCommerce
- Affected customers receive free credit monitoring for one year
Zagg has notified affected customers of a data breach that compromised highly sensitive information, including payment card details.
In a letter dated December 26, 2024 (via u Maine Attorney General’s Office), the company confirmed a 12-day attack between October 26 and November 7, which ended a day later on November 8.
The issue stems from an attack on FreshClick, a third-party application used by Zagg’s ecommerce software platform provider BigCommerce.
Zagg confirms the cyberattack
“We have learned that an unknown actor injected malicious code into the FreshClick app that was designed to steal credit card information entered as part of the checkout process for certain ZAGG.com customer transactions between the October 26, 2024 and November 7, 2024,” the company said. confirmed
Names, shipping and billing addresses, and payment card information could be at risk as a result.
In recognition of the seriousness of the attack, Zagg is giving affected customers 12 months of access to credit monitoring through Experian. It also urges customers to monitor their financial accounts, set up fraud alerts and consider credit freezes to prevent identity theft.
BigCommerce said (via Bleeping Computer): “Acting in the best interest of our customers and their buyers, we immediately uninstalled the app in their stores, which removed any compromised APIs and malicious code.”
Basic principles of Internet hygiene, such as being cautious about sharing certain information and following potentially malicious links, do much to protect consumers against potential attacks, but when an attack affects a service third party like this, there is very little that consumers can do, highlighting. the generalized risks of online activity.
Apologizing for the inconvenience, Zagg has set up a dedicated hotline for concerned customers to seek further answers and advice.
