Zagg customer information has been compromised in a third-party hack.
0 Facebook x.com Reddit Bluesky
Consumer electronics and iPhone accessory maker Zagg tells customers that transactions credit card payments between October 26 and November 7, 2024, may have been compromised due to a hack into a third-party payment processor.
Utah-based Zagg makes products such as keyboards, phone cases, screen protectors, power banks and other accessories. It uses BigCommerce to process credit card transactions on its website, which also provides the FreshClicks app for creating commerce-friendly websites.
The attacker was found to have been able to compromise the FreshClicks app by injecting malicious code that stole customers' card details, BeepingComputer reported.
Emails sent to Zagg customers explained that an “unknown attacker” had implanted malicious code into the FreshClick app that was designed to collect credit card information entered as part of the Zagg checkout process. This occurred between October 26 and November 7.
The breach has been reported to regulators and federal agencies. While the number of customers affected has not been disclosed, the attackers were able to steal customers’ names, addresses, and payment card information.
Affected customers were told in the email to monitor their financial account activity, including adding fraud alerts and placing a credit freeze. Zagg customers whose card information may have been compromised will have 12 months of free card activity monitored through Experian. .
In its statement, Big Commerce insisted that its own systems were not hacked or compromised. However, after discovering the issue, BigCommerce disabled and removed FreshClicks from its customers' stores, which removed the compromised APIs and malicious code.
Follow AppleInsider on Google News
