FabFitFun recently announced consecutive cybersecurity incidents involving customer payment information. The popular lifestyle ecommerce retailer discovered that an unauthorized third party inserted malicious code on their website designed to capture information associated with customer sign ups.
The company began to notify affected customers on September 18 by email and USPS mail delivery. The data breach appears to have affected new members who signed up during the periods between:
For customers who used credit or debit cards to set up their subscription account, compromised information may include:
For customers who used PayPal or Apple Pay, FabFitFun claims that only email addresses and FabFitFun passwords were involved in the data breach.
Despite consecutive data breaches, FabFitFun claims to have taken appropriate steps to secure their website and reported the matter to law enforcement. The company is offering affected customers one year of identity protection and a $25 credit, which requires a current FabFitFun membership and expires by the end of the year.
Remarks on multiple online forums show that consumers are unhappy about the FabFitFun security incidents and how they have been handled.
According to Josey, “So…they knew back in June that they were hacked. It was posted on their community board. They wouldn’t address the question! Now they are suddenly saying it happened again?!”
Anna commented, “…they were warned they had a breach and denied it. I’m very disappointed in their statement because a customer or more made them aware of the first breach they did nothing and let a second happen.”
Users on Reddit made various claims that weeks went by without notification of the breach, despite customers noticing fraudulent credit card transactions and attempts to use their personal information to sign up for shopping accounts at other retailers.
Initially founded in 2010 as an online magazine focused on beauty, fitness and fashion, FabFitFun expanded into subscription box marketing three years later – an industry that has grown at a compound annual growth rate of nearly 60 percent.
The company claims to now have more than 1 million members worldwide. Its main offering is their FabFitFun Box, a curated collection of products across beauty, fashion, wellness, fitness, home and technology categories delivered four times per year. The box is priced at $50 per season or $180 per year.
FabFitFun annual revenues are estimated at $300 million.
NOTICE: If you received a NOTICE OF DATA BREACH from FitFabFun, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible developing legal options.
With personal injury cases, success is defined by more than the number of dollars awarded at settlement. Our clients come to us not just bearing physical and financial trauma, but emotional and situational scars, as well. As the legal process evolves, relationships are built with our clients that typically last for a lifetime. Sometimes, that […]Learn More
On November 8, 2018, Anna* and her family fled their home in response to the Camp Fire mandatory evacuation. The massive fire destroyed more than 18,000 homes, displacing 50,000 residents in the town of Paradise, California, and surrounding areas. They didn’t have friends or relatives in neighboring cities to stay with and soon discovered that […]Learn More
On a warm August evening, Ray G. and his family were driving home from a school sporting event. As his Ford F250 pickup traveled through an intersection on Washington Blvd in Roseville, California, a Toyota Corolla compact sedan ran the red light and slammed into the driver’s side of Ray’s truck. The driver of the […]Learn More
Kimberly and Brian, both established professionals in Sacramento, were excited about moving into a charming yellow house in one of the best neighborhoods in the area. They had agreed to a lease-to-own arrangement that allocated $3,500 per month toward rent and an additional $2,000 per month toward a refundable deposit for the potential purchase of […]Learn More
Matthew B. contacted the Arnold Law Firm after consulting with multiple attorneys in the Sacramento area, including another major personal injury firm and an attorney specializing in motorcycle accidents. His case was rejected by other attorneys due to complexity with liability. As the rider in a car vs. motorcycle collision, Matthew suffered significant injuries to […]Learn More
Mr. E was on his way to work one very ordinary fall morning when an inattentive driver ran a red light, collided with his vehicle, and changed his life forever. In that moment, although he didn’t realize it at the time, a chain of events was set into motion that affected every aspect of his […]Learn More