P2018-ND-152

Hudson's Bay Company

On August 12, 2018, the Organization?s third party service provider, Vibes Media, LLC, reported that an unauthorized third party was able to gain access to the service provider?s web application and obtain a copy of contact information of certain (but not all) customers of the Organization who were enrolling to receive marketing messages via text on their mobile devices. The unauthorized third party obtained a copy of database records that contained the information at issue. The Organization?s service provider confirmed that it was able to identify and eliminate the vulnerability within the impacted web application on August 17, 2018. The incident did not affect any of the Organization?s systems or databases.

File Type: pdf
Categories: 2018
Tags: Unauthorized disclosure