ZAGG Inc., a leading mobile accessories company, has notified customers of a data breach involving the third-party application “FreshClick” used on its BigCommerce-powered e-commerce platform. The breach, which occurred between October 26 and November 7, 2024, compromised sensitive payment card information entered by customers during checkout on ZAGG.com.
The breach was first reported to ZAGG by BigCommerce Inc., its e-commerce software provider, on November 8, 2024. ZAGG's subsequent investigation revealed that an unauthorized actor had injected malicious code into the FreshClick app. This code was designed to scrape names, addresses, and payment card details entered during transactions.
Affected individuals have been offered complimentary identity protection services through Experian IdentityWorks for a limited period. The company has also notified law enforcement and regulatory authorities and stated it has enhanced its security measures to prevent similar incidents in the future.
ZAGG Inc. is renowned for its mobile device accessories, including screen protectors, keyboards, and charging solutions, serving a global customer base. The breach implicates BigCommerce, a prominent e-commerce platform provider hosting numerous online retailers, raising concerns about the broader implications of the FreshClick compromise.
We reached out to BigCommerce to ask whether other clients of the platform might have been impacted by this breach. The company clarified that the issue stemmed from a third-party app, FreshClick, and not from a vulnerability within its platform. BigCommerce explained that once its security team identified the compromised app, it acted swiftly to neutralize the threat by removing the malicious code and notifying affected customers. It also emphasized that no BigCommerce systems were compromised and that it has since provided guidance to help its customers secure their stores and avoid future incidents involving third-party apps.
Impacted customers are urged to:
- Monitor account statements and credit reports for any suspicious activity.
- Take advantage of the complimentary identity protection services offered.
- Consider placing fraud alerts or credit freezes with major credit bureaus to safeguard against unauthorized credit activity.
Customers who believe their information has been misused are encouraged to contact Experian or ZAGG's dedicated assistance line for further support.
We will provide updates as more details emerge, especially if the breach's scope extends beyond ZAGG.