NY A.G. settles with online retailer Bombas which failed to notify data breach involving credit cards details

Photo by Blake Wisz on Unsplash

On June 6, 2019 Attorney General Letitia James, announced settlement with online retailer Bombas LLC for failing to provide notice of payment cards consumers’ data breach occurred to 39,561 consumers.

In 2014 unauthorized intruders inserted malicious software code to steal payment card information into the ecommerce platform supporting Bombas’ website. Intruders accessed customer information (such as names, addresses, and credit card information) of 39,561 payment card holders.

Bombas started notifying the consumers of the breach only 3 years after it occurred, violating General Business Law §§ 899-aa.

Bombas offered the potentially affected customers two years of free credit monitoring, fraud consultation, and identity theft restoration services through Kroll Inc. The company also agreed to a number of injunctive provisions aimed at preventing similar breaches in the future.

“New Yorkers deserve to shop with confidence and have faith that their personal information will be protected,” said Attorney General Letitia James.


New York Attorney General Letitia James’s press release is available at https://ag.ny.gov…


For more information on how Blockchain technology could impact your legal issues Francesca Giannoni-Crystal and  Federica Romanelli


Originally published on Technethics on June 2019

Leave a Reply

Your email address will not be published. Required fields are marked *