Cyber Incident Victim: Skate Warehouse

The incident impacting Skate Warehouse and three affiliated sports gear retail websites was discovered on October 15, 2021, when the organizations first learned of unauthorized access to customer data. Forensic investigations determined that threat actors exfiltrated payment card information and personal details during a breach occurring on or around October 1, 2021. The compromise affected 1,813,224 customers across Tackle Warehouse, Running Warehouse, Tennis Warehouse, and Skate Warehouse. Stolen data included full names, financial account numbers, credit/debit card numbers with CVV codes, and website account passwords. The websites confirmed the breach's scope on November 29, 2021, after completing their investigation. No technical specifics regarding attack vectors or intrusion methods were disclosed in customer notifications or public statements, though the incident was broadly categorized as an "external system breach (hacking)."

Affected entities initiated response measures upon detecting the breach on October 15. Tackle Warehouse representatives reported the incident to payment card networks to flag potentially compromised accounts for fraud monitoring. All four companies engaged digital forensics specialists to investigate the breach and implement security enhancements across their e-commerce platforms. Law enforcement agencies were notified, though no investigative outcomes or suspect details were made public. Customer notifications commenced on December 16, 2021—over two months post-discovery—advising vigilance against fraudulent transactions but omitting offers for identity protection services. The websites emphasized collaboration with forensic investigators to strengthen transaction security, though no specific security improvements or system modifications were detailed in breach disclosures.