Exploit: Ransomware
Fitness Depot: Fitness Equipment Retailer 

Risk to Small Business: 1.871 = Severe

Fitness Depot’s online store was infected with card-skimming malware that stole customers’ personal and financial data at checkout. It took the retailer more than three months to identify the breach, giving cybercriminals ample time to capitalize on the surge of online sales since the COVID-19 pandemic began. The data breach, which began on February 18th, will likely cause online shoppers to think twice before buying from their platform, potentially disrupting a vital lifeline while many in-person shops remain closed.

Individual Risk: 1.764 = Severe 

Payment card skimming malware captures all information entered at checking. This information can allow hackers to commit identity or financial fraud. Those impacted by the breach need to notify their financial institutions and to carefully monitor their accounts for misuse. In many cases, victims should enroll in credit or identity monitoring services to ensure their data’s long term integrity.  

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: For most consumers, cybersecurity is a critical component of their buying decisions when shopping online. Card skimming malware represents a growing threat to online stores, and companies counting on digital sales to drive revenue need to account for this risk and many others presented by online shopping. In 2020, it’s a bottom-line issue that retailers can’t afford to ignore. 

Source:
https://securityboulevard.com/2020/06/data-breach-canadas-fitness-depot-blames-isp-for-security-incident