Kathmandu customers potentially exposed by data breach

An unidentified third-party has breached Kathmandu’s website and potentially accessed customers’ personal information and payment details, the outdoor retailer revealed on Wednesday.

The business was alerted to the breach, which took place between January 8 and February 12, 2019, through bank fraud monitoring.

A Kathmandu spokesperson told IR that the business is currently investigating how many customers are affected by the breach, but that it remains an ongoing process.

“Whilst the independent forensic investigation is ongoing, we are notifying customers and relevant authorities as soon as practicable,” Kathmandu chief executive Xavier Simonet said.

“As a company, Kathmandu takes the privacy of customer data extremely seriously and we unreservedly apologise to any customers who many have been impacted.”

The business has enlisted the help of external IT and cyber security experts to assist in investigating the circumstances, and to confirm which customers have been impacted.

While the financial impact of the incident is still unclear, the dual-listed retailer saw its stock price fall to $2.31 per share after the announcement, though rebounded to $2.37 by the end of trade.

Access exclusive analysis, locked news and reports with Inside Retail Weekly. Subscribe today and get our premium print publication delivered to your door every week.

You have 7 articles remaining. Unlock 15 free articles a month, it’s free.