Petco has accidentally exposed a whole lot of customer data and personal information, according to a report by TechCrunch . This is thanks to a security lapse involving its Vetco clinics website, forcing the company to take a portion of that site offline.
Petco has confirmed the leak and TechCrunch noted that the security lapse allowed anyone to download customer records without login information. The exposed data includes customer names, driver's license numbers, dates of birth, Social Security numbers and even financial information. It also includes customer records from visits to Vetco, like medical histories, pet names, vaccination records and other stuff like that.
This was due to an incorrect software setting that made a number of files accessible online, according to a notice filed by California’s attorney general and reported on by Mashable . The company has since corrected the setting, removed the exposed files and implemented security measures.
Advertisement Advertisement
Advertisement
However, Petco hasn't said if any data was actually extracted during the security lapse or if it even has the means to suss out that kind of thing. Vetco customers should probably perform some due diligence to shore up personal security. The company is offering credit and identity monitoring services to impacted customers, but only in some states. We recommend giving Petco a call to discuss options.