Kathmandu Holdings Limited (ASX and NZX Code: KMD) has reported in an ASX release on 13 March 2019 that the company is urgently investigating a security incident with its online trading websites.
Xavier Simonet, Chief Executive Officer said “Whilst the independent forensic investigation is ongoing, we are notifying customers and relevant authorities as soon as practicable.”
Kathmandu became aware that between 8 January 2019 NZDT and 12 February 2019 NZDT, an unidentified third party gained unauthorised access to the Kathmandu website platform. During this period, the third party ‘may’ have captured customer personal information and payment details entered at check-out.
The release states, “As soon as Kathmandu became aware of this incident, it took immediate steps and confirmed that the Kathmandu online store is and remains secure. The wider IT environment including all Kathmandu physical stores were not impacted by this incident. Since this time, Kathmandu has been working closely with leading external IT and Cyber Security consultants to fully investigate the circumstances of the incident and confirm which customers may have been impacted.”
Kathmandu is in the process of notifying the relevant privacy and law enforcement agencies and will notify potentially affected customers directly and advises any customer who believes they may have been impacted to contact their banks or credit card providers and follow their recommended advice.
Simonet said “As a company, Kathmandu takes the privacy of customer data extremely seriously and we unreservedly apologise to any customers who may have been impacted.”
