Some customers from the fashion brand Love, Bonito were informed via email about the possible data breach on Dec. 13, 2019.
“Based on our investigations, some of your personal information may have been exposed,” said the e-mail from Love, Bonito co-founder Rachel Lim.
The personal information includes customer’s first and last names, shipping addresses, dates of birth, e-mail addresses, phone numbers, order details, billing addresses, payment type and credit card information, including expiry dates and the last four digits of the credit card number.
Love, Bonito said a malicious code has been added to its e-commerce website.
The spokesperson said Love, Bonito has “engaged a data security expert to conduct a forensic investigation of the incident and will continue to review, audit and enhance our security controls and processes”.
Investigations are still ongoing and they are currently working with the security vendors to resolve the matter.
Dear #LBcommunity,We value the trust you have given us to safeguard your personal information. Protecting it is of…
Love, Bonito apologised for the data breach and stressed in the email that protecting customers’ personal information has been of utmost importance to the company.
In response to media queries, the spokesperson replied that Love, Bonito takes this attack very seriously and took immediate actions to remove the malicious code and further steps to secure the systems.
They confirmed that about 3% of its customers’ personal information has been exposed. Out of which, a “small number” might have had their financial data accessed.
Customers have also been advised to carefully review their payment card and bank statements, to report unauthorised charges in a timely manner, and to make sure two-factor authentication (2FA) has been set up for credit cards.
For customers who are affected or have queries, you can to reach out to them at firstname.lastname@example.org
Source : CNA