Crocs Canada Inc.
On April 15, 2015, after a forensic investigation, the Organization learned that individuals may have obtained unauthorized access to information stored on a number of servers. The Organization had initiated the investigation after learning of potential vulnerabilities pursuant to a penetration test. The investigation confirmed that between November 2014 and March 2015, individuals obtained unauthorized access to the Organization?s servers to obtain certain information from the website. The vulnerability allowed SQL injections to retrieve certain user data.