Kathmandu has issued a statement saying it’s investigating a security incident that has impacted its online store, with personal information of customers and payment details potentially “captured” by a third party.
According to the release, the business is “urgently investigating” the security incident and has begun notifying customers and relevant authorities.
Taking place between January 8 and February 12, the company says an unidentified third party gained access to Kathmandu’s website platform and may have captured the personal information and payment details that customers entered during the check-out process.
Xavier Simonet, the CEO of Kathmandu has said that the incident was isolated to its online store and that physical stores and its wider IT infrastructure were not impacted.
“Whilst the independent forensic investigation is ongoing, we are notifying customers and relevant authorities as soon as practicable. As a company, Kathmandu takes the privacy of customer data extremely seriously and we unreservedly apologise to any customers who may have been impacted,” he said.
The company also reiterated that its online store “is and remains secure”.