Bombas, LLC

Bombas sells socks online using an outside vendor to develop and manage their website and a third party e-commerce platform for purchases. Malware in the code of the e-commerce platform was identified and initially removed from their website on January 15, 2015, and then finally removed on February 9, 2015. They cannot determine which transactions were impacted, and are sending notice to all of the approximately 41,000 customers who made a credit card purchase on the website during the period the malware may have existed, essentially from the date of launch of the website, September 1, 2013, until the day the identified malware was finally removed.What Information was Involved?The data accessed may have included personal information such as name, address, and credit card information.