Overview
- Petco says a setting in one of its software applications inadvertently made certain files accessible online, which the company says it corrected after removing the files.
- Disclosures list affected data including names, dates of birth, Social Security numbers, driver’s license numbers, and financial details such as bank accounts and credit or debit card numbers.
- Legally required notices were filed in Texas, California, Massachusetts, and Montana, with one affected resident reported in Massachusetts and three in Montana.
- California’s 500-resident disclosure threshold indicates at least that many Californians were impacted, but Petco has not provided a total victim count.
- Petco is notifying impacted individuals and offering credit and identity monitoring where required, while declining to say whether any unauthorized parties accessed or exfiltrated the exposed files.