Last week, Petco confirmed that it had suffered a security breach that had exposed the personal information of its customers. According to TechCrunch who initially reported the breach, the company filed a notice with the Texas Attorney General's office on Friday that detailed the leaked data which includes customer names, dates of birth, Social Security numbers, drivers licenses, bank account numbers and credit or debit card information.
Though Petco did not confirm the number of customers affected by the incident, the company has 24 million customers each year. In addition to the Texas filing, the company has made similar filings in California, Massachusetts and Montana. The filing in California included details about the cause of the leak: “A setting within one of our software applications inadvertently allowed certain files to be accessible online.”
Petco has stated that as soon as it was aware of the issue, it took immediate action to fix it and block access. It is notifying affected customers through email and including details about how to take advantage of the complimentary credit monitoring services it's offering. The Petco filing offers additional information about how to contact the FTC if you’ve fallen victim to fraud and how to place a credit freeze.
How to stay safe after a data breach
First off, you definitely want to change the password to your Petco account as well as any payment accounts that you have linked to it. If you don't use a password manager to keep track of all of your passwords yet, now is a good time to start using one. The best password managers don't only protect your passwords so you won't have to remember all those strong, unique passwords for each of your online accounts but they can also generate new ones for you.
After a data breach, one of the main risks is phishing attempts which will often look like they come from a legitimate retailer or website. One of the things to stay on the lookout for are any emails or texts that appear like they come from Petco – especially if they contain links, or a sense of urgency by saying there's an issue with an order you didn't make or you need to click through to confirm a refund.
Petco has cautioned customers to stay vigilant for any signs of fraud or identity theft attempts, and warned them to check their accounts for any unauthorized transactions. The best way to stay safe against phishing is to avoid clicking on any links, QR codes or attachments in emails or messages you aren't expecting. If you receive any of these, delete them and log into your account manually to check instead of replying directly to them.
Petco is offering complimentary credit and monitoring services to impacted customers, but even if you're not one of them you should still consider setting up identity theft monitoring with one of the best identity theft protection services. Having one in place in advance can help protect you by providing you with an alert if anything suspicious happens with your financial accounts and most importantly, your sensitive personal information. Likewise, they can also help you recover any funds lost to scams or fraud.
I'll be keeping a close eye on this Petco data breach and will update this story if I learn anything new.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
More from Tom's Guide
- Hackers are using malicious code to take over legitimate banking apps and your phone — don't fall for this
- FBI says scammers are stealing Instagram photos to fake kidnappings for ransom money — here's how to spot it
- Billions of Chrome users at risk from 13 security flaws including four high-severity ones — update your browser right now
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
