Sports equipment and clothing maker Easton-Bell Sports has admitted suffering a data breach. The company says that cybercriminals have planted a piece of malware on the servers of a vendor.
In a letter sent out to customers starting last week, Easton-Bell Sports reveals that the attackers might have obtained names, addresses, phone numbers, email addresses, credit card numbers and their associated security codes.
The breach took place around December 1, 2013 and it was discovered only on January 9, 2014. It’s believed that those who made purchases online between December 1 and December 31, 2013 are impacted.
The precise number of victims has not been disclosed by the company, but Reuters reports that around 6,000 people made purchases online in December.
Affected customers are being offered one free year of identity protection services.