“KandyPens” Has Leaked Full Customer Credit Card Details

  • All purchases made between March 2019 and February 2020 on “KandyPens” come with a risk of credit card exposure.
  • Clients had their details scrapped by Magecart malicious actors, including names, expiration dates, and CVVs.
  • The company isn’t offering protection services, so it’s up to the customers to take the appropriate action now.

If you have bought a vaping pen or an accessory from the online store of the “KandyPens,” you may have had your full credit card details stolen by Magecart malicious actors. The vaporizer products manufacturer and retailer has just informed the California State General Attorney Office of a data breach that could potentially have dire consequences for an undisclosed number of individuals. The company realized that someone had planted a card skimmer on its checkout page in January 2020, and immediately hired a forensic investigator to find out what was going on.

KandyPens reports that purchases made between March 7, 2019, and February 13, 2020, may have resulted in the loss of credit and debit card data. More specifically, the information that may have been stolen by the malicious actors includes the clients’ name, their credit or debit card number, the expiration date, and the security code/verification number (CVV). There’s literally nothing else that one would need to make online purchases by using another person’s card, so this exposure is considered entirely disastrous.

For this reason, the exposed individuals are advised to closely monitor their bank account activity, review their statements, review their purchase history, and report anything that they don’t recognize to their card issuer. The sooner a suspicious activity is reported, the better the chances of having it reversed. Unfortunately, KandyPens isn’t offering a free-of-charge identity protection service for its clients, although their negligence will cause great troubles to them now. We understand that the cost of these services is high, but this is the only way to retain whatever trust is left between a company and its compromised clients.

The vaporizer seller is instead urging its customers to call them at “1-833-968-1687” to address whatever questions they may have in regards to the incident. As for what you can do to avoid this type of event in the future, you should favor electronic payment methods or cash with “pay on delivery” if this is an option. If there’s no other way to pay than using your credit or debit card, ask your bank to activate OTP (one-time passwords) for this kind of payment, so you can confirm them by using your phone every time. Thankfully, phone numbers haven’t been exposed this time, so you can at least stay clear from SIM-swappers.

Latest
How to Watch Yes, Chef! Christmas Online from Anywhere
Yes, Chef! Christmas follows Alicia, a culinary school instructor with no goals or aspirations. When Alicia receives an invitation to compete in...
How to Watch European Rugby Champions Cup 2023 Online Free: Live Stream the Matches from Anywhere 
The tenth season of the European Rugby Champions Cup, aka Investec Champions Cup, is upon us. Rugby fans in the UK can...
How to Watch Round and Round Online from Anywhere
Round and Round is an odd Christmas tale about Rachel, who is stuck in a time loop, and forced to relive the...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari