[BreachExchange] Animates customers' personal information and credit card details compromised in data breach

Destry Winant destry at riskbasedsecurity.com
Wed Sep 25 10:34:08 EDT 2019


Animates is warning customers to monitor their bank accounts after the
pet retailer's website was the target of a cyber attack.

In an email sent to customers on Friday Animates NZ chief executive
Rod Gibson said an unidentified third party recently gained
unauthorised access to its website and may have accessed customers'
personal information and payment details entered on its website.

After becoming aware of the security breach Animates immediately shut
down the website and launched an investigation with assistance from
external security consultants, he said.

It had also notified privacy and legal authorities, he said.

"We unreservedly apologise this incident has occurred. At Animates, we
have always prided ourselves on providing great experiences for our
customers," Gibson said.

Credit card and debit card data had been targeted and personal
information shared with Animates may have also been accessed, he said.

This could include address, phone number, email address, username or
password, he said.

Customers who made purchases online using Laybuy or PayPal were unaffected.

No purchases made in physical stores had been affected.

Customers should monitor their bank account activity closely
regardless of when they last shopped using the Animate website, he

Any unusual activity should be reported to a customer's bank.

Similar passwords used across other sites should be changed and
customers should keep a look out for email, telephone and text-based
scams, he said.

Animates was launching a new website in the coming days that had
passed security audits from third party security specialists.

Customers would need to make new accounts when the site was live, he said.

More information about the BreachExchange mailing list