Canadian retailer Fitness Depot announced customers that their personal and financial information was stolen following a breach that affected the company's e-commerce platform last month.
Fitness Depot is the largest specialty exercise equipment retailer in Canada, with 40 stores nationwide and two in the United States, Texas, in Dallas and Houston.
Signs of a Magecart attack
Based on the info in the
breach notification letter the company sent to all potentially impacted individuals, the attack has all the signs of a textbook
Magecart attack where the threat actors were able to compromise Fitness Depot's online store and inject a malicious form designed to harvest and exfiltrate customer information.