Cyber Incident Victim: Hi-Tec Sports
Date: Sep 2014
Location: United States of America
Summary
Hi-Tec Sports experienced a compromise of its online ordering system where unauthorized code intercepted customers' payment card data, names, addresses, email addresses, phone numbers, and security codes before encryption. The malicious code operated for an extended period, with log evidence confirming activity from at least late 2014 until discovery following customer fraud reports. The company halted card payments upon confirming the breach, engaged forensic investigators, and notified all customers who placed orders during the potentially affected timeframe due to inconclusive log data. A new e-commerce platform is under development to prevent future incidents.
Description
Hi-Tec Sports, a Netherlands-based company with U.S. headquarters in California, experienced a payment card data breach affecting customers who used its Hi-Tec and Magnum Boots online ordering systems. The company initiated an investigation after multiple customers reported fraudulent activity on payment cards following purchases through the Magnum Boots website. While the exact date of initial customer complaints remains undisclosed, Hi-Tec's Chief Financial Officer DeGay Harris confirmed the organization contacted its web developer upon recognizing suspicious patterns. This developer identified unauthorized code within the order completion page's programming on March 11, 2016, prompting Hi-Tec to immediately suspend all payment card transactions on its websites and engage a specialized computer security firm for forensic analysis.

Forensic examination determined the malicious code intercepted customers' personal and financial information before encryption during the checkout process. Compromised data included names, addresses, email addresses, phone numbers, payment card numbers, expiration dates, and CVV security codes. Investigators confirmed the breach impacted orders placed between January 24, 2016, and March 11, 2016, with evidence suggesting potential compromise of transactions occurring before January 24. Log analysis indicated the code's presence dated back to at least September 21, 2014, though insufficient log data prevented establishing the precise installation date. Due to this uncertainty, Hi-Tec expanded notification to all customers who placed online orders between September 22, 2014, and January 23, 2016. As a corrective measure, the company announced development of a new e-commerce platform to replace the compromised system.
