Burton Snowboards Comes Clean About Data Breach Following February Cyber Attack

Leading snowboard manufacturer, Burton Snowboards, has recently confirmed that a data breach took place. Some customers’ sensitive information was “potentially” accessed or stolen during what the company described as a “cyber incident” in February.

Burton first discovered the attack on February 11, which caused a “system outage” and forced the company to cancel online orders. The company advised customers who wanted to purchase snowboarding gear to visit a brick-and-mortar Burton store or use its new online rental program.

Additionally, external forensic experts were hired by Burton to determine the nature of the incident and to discover what information was affected during the breach.

According to notification letters recently sent out by Burton to affected customers, “The investigation identified a limited number of files and folders as potentially accessed or taken by an unknown actor”. Burton further stated that “on April 7, 2023, it was determined that some of your information was present in the files and folders that may have been accessed or taken.”

The information that was “potentially” stolen or viewed by the threat actors may include customers’ names, Social Security numbers, and financial account information. While the breach notifications warn affected individuals that their financial information was also involved, Burton’s privacy policy states that its website is 100% PCI compliant. The policy states that “at no point during the order process or post-order process are credit card details or bank account numbers saved or held by Burton.com.”

Account Passwords Reset for Affected Customers

In response to the breach, the company reset the passwords of accounts linked to affected customers. Burton added that it has yet to receive reports regarding misuse or attempted misuse of customer personal information.

“Burton is also notifying relevant state and federal regulators, as required. Finally, we reported this incident to law enforcement and will participate with any criminal investigation into this matter,” the company said.

Burton Snowboards, established in 1977, is now a leading and one of the most well-known snowboard brands, with its products being sold in thousands of stores worldwide. While its headquarters are in Burlington, Vermont, Burton also maintains offices in various locations, including Australia, Austria, Canada, California, China, and Japan.

A spokesperson for Burton Snowboards is yet to reply to a request for more information regarding the February “incident” made by IT Services after the initial disclosure.