Did anyone else receive this e mail?
Dear Customers,
I am sending you this e-mail to inform you of a malicious hacker attack against AmmoToGo.com and to sincerely apologize to you for any inconvenience that it may have caused you. We believe it is our responsibility to inform you of this matter, so please read on.
AmmoToGo.com is a small business and we do our best to serve you, to run a reputable business, to support the shooting community, and to overcome challenges like this one.
Here are the highlights:
1. We do not sell any customer information, whatsoever.
2. Last week, another online ammunition retailer was approached by what appears to be a foreign hacker offering to sell the AmmoToGo.com customer/e-mail list, and that retailer kindly alerted us of this contact.
3. Our team immediately began investigating and confirmed yesterday that a portion of our customer/e-mail list was in fact breached and offered for sale.
4. Additionally, one of our customers reported late last night that they had received an e-mail from Target Sports USA to an e-mail address that had only been given to us (we can only deduce that Target Sports USA bought the list from the hacker and then began to abuse it).
5. In late August (for unrelated reasons), we re-launched our website on a far more secure and restricted platform that uses secure encryption, that is actively monitored against brute force attacks, that is protected by an intrusion prevention system, and that is pro-actively audited quarterly by a PCI compliance monitor.
6. As a precaution against precisely this kind of malicious hacker attack, we do not store credit card information and we have no reason to believe that any credit card information was stolen.
7. We are certain that FOID’s, driver’s licenses, or other government issued identification remained secure and were never accessed.
8. We have no reason to believe that any further attacks have occurred since late August, 2014 when we updated to our new secure database and we are now much better prepared to fend off any future attacks.
9. It is possible that the hacker obtained your AmmoToGo.com password. As a precaution, we recommend that you go here to change your password and if you have used the same password on another website, we recommend that you change it there also.
10. We are certain that many of our customers are unaffected by this attack and we sent this e-mail to only those customers that could be affected.
If you receive any unsolicited e-mails from other online ammunition retailers, please forward their e-mail to us at HackerAttack@AmmunitionToGo.com so that we can immediately investigate the matter and put an end to the SPAMing. Our team will work as long and as hard as necessary to fight back against the hacker and anyone else who buys and abuses the stolen information.
We look forward to re-earning your trust in the future and again apologize for this breach. If we find any additional information as our investigation develops, we will update this page with that information.
Scott
Customer Service Manager
AmmoToGo.com
Dear Customers,
I am sending you this e-mail to inform you of a malicious hacker attack against AmmoToGo.com and to sincerely apologize to you for any inconvenience that it may have caused you. We believe it is our responsibility to inform you of this matter, so please read on.
AmmoToGo.com is a small business and we do our best to serve you, to run a reputable business, to support the shooting community, and to overcome challenges like this one.
Here are the highlights:
1. We do not sell any customer information, whatsoever.
2. Last week, another online ammunition retailer was approached by what appears to be a foreign hacker offering to sell the AmmoToGo.com customer/e-mail list, and that retailer kindly alerted us of this contact.
3. Our team immediately began investigating and confirmed yesterday that a portion of our customer/e-mail list was in fact breached and offered for sale.
4. Additionally, one of our customers reported late last night that they had received an e-mail from Target Sports USA to an e-mail address that had only been given to us (we can only deduce that Target Sports USA bought the list from the hacker and then began to abuse it).
5. In late August (for unrelated reasons), we re-launched our website on a far more secure and restricted platform that uses secure encryption, that is actively monitored against brute force attacks, that is protected by an intrusion prevention system, and that is pro-actively audited quarterly by a PCI compliance monitor.
6. As a precaution against precisely this kind of malicious hacker attack, we do not store credit card information and we have no reason to believe that any credit card information was stolen.
7. We are certain that FOID’s, driver’s licenses, or other government issued identification remained secure and were never accessed.
8. We have no reason to believe that any further attacks have occurred since late August, 2014 when we updated to our new secure database and we are now much better prepared to fend off any future attacks.
9. It is possible that the hacker obtained your AmmoToGo.com password. As a precaution, we recommend that you go here to change your password and if you have used the same password on another website, we recommend that you change it there also.
10. We are certain that many of our customers are unaffected by this attack and we sent this e-mail to only those customers that could be affected.
If you receive any unsolicited e-mails from other online ammunition retailers, please forward their e-mail to us at HackerAttack@AmmunitionToGo.com so that we can immediately investigate the matter and put an end to the SPAMing. Our team will work as long and as hard as necessary to fight back against the hacker and anyone else who buys and abuses the stolen information.
We look forward to re-earning your trust in the future and again apologize for this breach. If we find any additional information as our investigation develops, we will update this page with that information.
Scott
Customer Service Manager
AmmoToGo.com