WASHINGTON, D.C. -(Ammoland.com)- SB Tactical notified its customers via email that the company experienced a data breach that exposed their personal information to hackers.
As first reported by ZeroHedge, the industry-leading pistol stabilizing device manufacturer saw its customers’ personal information leaked onto the internet. According to the SB Tactical email, customers’ names, addresses, phone numbers, credit card numbers, CCV numbers, and expiration dates might have been leaked. The data breach affected customers that purchased pistol braces through the company’s website between September 19, 2022, and December 13, 2022.
“SB Tactical was recently informed by law enforcement that our website was compromised. It is possible that your credit card number, expiration date, CCV code, cardholder name, address, phone number, and email address were exposed,” the email read.
The company recommends customers monitor their credit card statements for fraudulent charges and contact their financial institution if any unknown charges appear.
Customer support said many customers have canceled their credit cards or requested new numbers from their banks. With the amount of information exposed to hackers, customers run the real risk of having their identity stolen.
“All potentially impacted customers have been notified and encouraged to remain vigilant by reviewing account statements and credit reports closely. If any suspicious activity on an account is detected, the customer should promptly notify the financial institution or company with which the account is maintained. Any fraudulent activity or any suspected incidence of identity theft should also be reported to proper law enforcement authorities,” SB Tactical told AmmoLand in an email.
Hackers installed a piece of malware called a skimmer on SB Tactical’s website. A software skimmer works like a hardware skimmer that might steal your credit card numbers at a gas station. It copies the customer information and transmits it in real time to a third party. SB Tactical has not said how the skimmer was installed on the website.
Companies have experienced an epidemic of data breaches over the past few years. Companies big and small have fallen victim to hackers. Most financial hackers are located in Eastern Europe and sell the stolen information on Dark Web carding sites for a few dollars per number. The hackers usually act in syndicates that package thousands of credit card numbers together and sell them on marketplaces or auction sites for cryptocurrencies, such as BitCoin or Ethereum. The criminals will then wash their currencies through cryptocurrency wallets known as mixers. The biggest mixer, Tornado Cash, was recently shut down, and the United States Department of Justice seized its assets.
The Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) is expected to unveil its rule surrounding pistol stabilizing devices later this month. The new rule will classify many pistols with stabilizing braces as short barreled rifles (SBR) and subject the guns to the National Firearms Act (NFA) regulations. The rule is dropping soon, and the timing of the data breach has led many members of online message boards and YouTube comment sections to float conspiracy theories that the data breach was the work of the ATF to gain information about people buying pistol braces. These theories are unlikely because the ATF has easier and legal ways to get customer information. As we have seen in the past, the government would just approach the site’s credit card processor or shipping company.
Unfortunately, data breaches are a part of a cat-and-mouse game between hackers and security experts. It isn’t “if” your data will be exposed to hackers, but “when” your data will be stolen.
About John Crump
John is a NRA instructor and a constitutional activist. John has written about firearms, interviewed people of all walks of life, and on the Constitution. John lives in Northern Virginia with his wife and sons and can be followed on Twitter at @crumpyss, or at www.crumpy.com.