Salt Life Data Security Issue

Frequently Asked Questions

  1. What happened?

    Salt Life recently confirmed through forensic experts that unauthorized malware intrusions of its system captured customer payment information. Salt Life believes that payment cards used to make a purchase at its eCommerce website www.saltlife.com between the dates of December 12, 2018, and March 12, 2019, as well as from 7:30 AM ET to 9:30 AM ET on April 11, 2019, may have been exposed in these intrusions. Salt Life does not store on its system customer payment card information entered to make purchases at the Salt Life eCommerce website www.saltlife.com but we believe such information may have been exposed as it was being entered to make a purchase at that website. Because of this incident, there is a possibility of fraudulent charges on credit or payment cards used to make purchases at www.saltlife.com during the above-referenced periods. Salt Life has provided notice to the applicable card companies.

  2. What information was involved?

    Salt Life believes that the malware associated with the intrusions may have allowed access to customer payment card information. No social security data was exposed in the intrusions, nor does Salt Life believe that any other personal information beyond payment card information was exposed.

  3. What did Salt Life do when it discovered the issue?

    Once Salt Life became aware of the issue, it quickly took steps to determine its nature and scope. Salt Life has removed the malware associated with the intrusions from its system and taken actions to secure its website by working with recognized data security experts to conduct a thorough investigation of the incident and determine additional measures designed to build stronger protections against future incidents of this nature. Although the risk of data security incidents cannot be eliminated altogether, Salt Life has taken procedural, policy, and technical steps to minimize the risk of this type of event.

    To help relieve concerns and restore confidence following this incident, we have engaged Kroll to provide identity monitoring services at no cost to customers who used payment cards to make a purchase at www.saltlife.com between the dates of December 12, 2018, and March 12, 2019, as well as from 7:30 AM ET to 9:30 AM ET on April 11, 2019. The offered credit and identity monitoring services through Kroll include Credit Monitoring, Web Watcher, Public Persona, Quick Cash Scan, $1 Million Identity Fraud Loss Reimbursement, Fraud Consultation, and Identity Theft Restoration. These customers were sent information regarding how to enroll in these services. Salt Life has also established a call center available to answer any questions such customers may have.

  4. Does Salt Life know who did this?

    Salt Life does not know the identity of the party or parties responsible for the unauthorized intrusion.

  5. Who is being notified?

    Salt Life is notifying customers believed to have used credit or payment cards to make purchases at the Salt Life eCommerce website www.saltlife.com between the dates of December 12, 2018, and March 12, 2019, as well as from 7:30 AM ET to 9:30 AM ET on April 11, 2019, to provide information on how they can protect their data.

  6. What is Salt Life doing to protect my information?

    Salt Life has removed the malware associated with the intrusions from its system and taken actions to secure its website by working with recognized data security experts to conduct a thorough investigation of the incident and determine additional measures designed to build stronger protections against future incidents of this nature. Although the risk of data security incidents cannot be eliminated altogether, Salt Life has taken procedural, policy, and technical steps to minimize the risk of this type of event.

  7. What should I do to help protect my information?

    Salt Life recommends that you remain vigilant for incidents of identity theft and fraudulent charges by reviewing account statements and monitoring free credit reports, as detailed below. If you notice suspicious activity in your financial records, you should report it immediately to any financial institution involved. You may also ask your bank to replace your card at any time with a new card identified with a different set of numbers.

    You can also place a credit freeze on your credit report. You can do so by contacting each of the credit agencies listed below. A credit freeze prohibits a credit reporting agency from releasing any information from a consumer’s credit report without written authorization. However, please be aware that placing a credit freeze may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit mortgages, employment, housing or other services.

    When you contact the agencies, you will need to provide the following information:

    1. Full name, with middle initial and any suffixes;
    2. Social Security number;
    3. Date of birth;
    4. Current address and previous addresses for the past 5 years (if any);
    5. A legible photocopy of a government-issued identification card;
    6. Proof of current address, such as a copy of a current utility bill; and
    7. If you are a victim of identity theft, any applicable incident report, police report or complaint with a law enforcement agency concerning identity theft.

    You may also place a fraud alert on your credit report. A fraud alert tells creditors to follow certain procedures like contacting you before they open any new accounts or change your existing accounts. For example, when a creditor receives a request to change one of your existing accounts, before making the change that creditor may call you to verify that you requested a change to your existing account. You can place a fraud alert with one of the credit agencies listed below and that agency will alert the other two agencies.

    You can also contact the Federal Trade Commission (“FTC”) and the attorney general of the state in which you reside to obtain information about how to prevent identity theft. The contact information for the FTC is below:

    • You may contact the FTC at Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580, or at 1-877-IDTHEFT (438-4338), or by visiting www.consumer.ftc.gov

    You may also call your local sheriff’s office and file a police report of identity theft, keeping a copy of the police report.

    You may also obtain a copy of your credit report, free of charge, whether or not you suspect any unauthorized activity on your account. You may obtain a free copy of your credit report, once every 12 months from each of the agencies, by contacting any one of the following national consumer reporting agencies:

    You can also order a free credit report by visiting www.annualcreditreport.com, by calling toll-free at 1-877-322-8228, or by mailing a completed Annual Credit Report Request Form (available at https://www.consumer.ftc.gov/articles/pdf-0093-annual-report-request-form.pdf) to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.

  8. What if I have additional questions about this data security issue?

    For additional questions, please contact Salt Life’s call center at 800-491-9358.

1 (844) 609-6592 ©2019 SALT LIFE. All Rights Reserved. Site Design by EYStudios.

SECURE SHOPPING

256 BITS SSL ENCRYPTION