P2017-ND-048

On February 6, 2017, the Organization detected that an unauthorized third party may have obtained access to the servers that operate its e-commerce website, www.prana.com. The Organization investigated and found that an unauthorized third party installed code that was designed to capture information as it was being entered on the site during the checkout process for orders placed from December 14, 2016 to February 6, 2017. The Organization believes the unauthorized third party may have also decrypted an internal database containing information from orders completed prior to February 6, 2017.

File Type: pdf
File Size: 332 KB
Categories: 2017