Indoor Gardening Company AeroGrow May Have Had Data Breach 

May 3, 2019

Written by wukovits

Do you do any indoor gardening?  If so, odds are that you own AeroGrow equipment. If that’s the case, some of your personal information, including the credit or debit card number you paid for the goods with, may have been compromised.

The company recently notified its customers that they discovered malware lurking on their payment processing page.

For reasons that aren’t yet clear, the company did not detect the malicious code for some four months. They estimate that the malware was active between October 29, 2018 and March 4, 2019.

Aerogrow has notified the FBI and enlisted the aid of a third party to assist with the forensic investigation, which is ongoing.  At present, the company is unable to determine how many of its customer records were compromised.

To this point, they have confirmed that among impacted customers, the following information was taken:

  • Credit or Debit card number
  • Expiration date
  • Security Code
  • Any personal data the customer may have used to verify processing of the payment in question

Grey Gibbs, the AeroGrow Senior VP of Finance and Accounting issued a formal apology in the aftermath of the incident, saying, “I want to sincerely apologize for this incident and I regret any inconvenience it may have caused you.  I want to assure you that we take this criminal act very seriously and have addressed it thoroughly.”

The company’s response has been generally good, and they’ve offered a year of free credit monitoring to all impacted customers. However, that’s small consolation to those who now have to deal with the prospect that their identities may have been stolen and may face fraudulent charges on their credit cards in the weeks and months ahead.

If you’re an AeroGrow customer, to be safe, report your payment card as compromised and take whatever other steps you deem necessary to protect your identity.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon