Running Warehouse

Running Warehouse operates as an online retailer specializing in sports gear and footwear, serving customers through its primary e-commerce platform and three affiliated online sports retail sites. The organization is headquartered in the United States and its business model centers on the digital sale of athletic equipment and apparel. The scope of its market reach and specific product inventory details are not provided in the available information. Its operational scale, including metrics such as annual revenue or employee count, is not explicitly stated.

A significant cybersecurity incident occurred on October 1, 2021, when a threat actor breached an external system targeting Running Warehouse and its three affiliated online sports retailers. This attack resulted in the compromise of personal and financial data belonging to approximately 1.8 million customers. Stolen information included names, account passwords, and credit and debit card details, specifically the sensitive CVV codes. The unauthorized access was not detected for several weeks, after which an investigation confirmed the exfiltration of data. Following discovery, the affected companies implemented their incident response protocols, which involved notifying all impacted individuals, reporting the breach to relevant payment card networks and law enforcement agencies, and engaging third-party digital forensics experts. The investigation's findings were used to identify and remediate security vulnerabilities to prevent future compromise. The exposure of full payment card data, including CVV, created substantial risks of financial fraud for the victims. Despite the severity of the data exposed, the organization did not provide identity protection services to those affected by the breach. This event represents a major data security failure with extensive consequences for the customer base of the corporate group.