US clothing brand Next Level Apparel reports phishing-related data breach
06 October 2021 at 11:03 UTC
Updated: 06 October 2021 at 12:18 UTC
Exposed data includes payment card and driver’s license numbers
Next Level Apparel, a US clothing manufacturer and e-commerce operator, has alerted customers to a data breach connected to the compromise of employee mailboxes.
“A limited number of employees’ email accounts” were compromised via phishing, which gave cybercriminals “access to the contents of the accounts at various times between February 17, 2021 and April 28, 2021,” said Next Level Apparel in a press release issued yesterday (October 5).
This “resulted in unauthorized access to information contained in some email accounts, including names accompanied by Social Security numbers, financial/checking account numbers, payment card numbers, driver’s license numbers, and limited medical/health information”.
Next Level Apparel, a wholesale producer and online retailer of blank apparel, said it “could not confirm that any individual’s information was in fact viewed by an unauthorized person”.
The Los Angeles-based company said it has started mailing letters to victims for whom they had address information. It has also set up a dedicated call center that is fielding queries from anyone concerned about the incident.
“To help prevent something like this from happening in the future, NLA is instituting additional security measures,” said Next Level Apparel.
“To further protect personal information, we are taking steps to enhance our existing email security protocols and re-educating our staff for awareness on these types of incidents.”
The Daily Swig has asked Next Level Apparel how many customers might be affected by the data breach. We will update this article if and when we hear back.