Polar investigates security incident that has affected its consumer online store
Polar’s online store in the United States has been subjected to various levels of disruption, resulting in the suspected compromise of individual users’ order information. According to preliminary information, only a few customers' account details have been accessed. As the investigation progressed, it was revealed that attempts had been made to make fraudulent online purchases using the compromised accounts. In addition to individual account breaches, new fraudulent user accounts have been created in the online store, which have also been used to attempt purchases. The user information on these fraudulent user accounts was likely stolen from another customer database outside Polar.
Polar is investigating the matter together with a service provider, but for now, the details of the cybersecurity attack are still being examined. To ensure the security of customer data, the login and registration function in all of Polar's online stores has been temporarily disabled. Purchases can be made safely as a guest user without logging in.
The data breach has affected only a small portion of customers in Polar’s US online store. The breach does not apply to any other customer data stored by Polar. We want to emphasize that the data of Polar Flow users has not been compromised during the attack.
We take this matter seriously and will strictly comply with all cybersecurity laws and regulations. We are currently investigating the matter with various experts and authorities. We will inform US online store customers directly and will provide more updates as the investigation progresses.
Do I need to do anything?
No actions are required from users as the sign-in and registration has been deactivated by Polar. Purchases can be safely made as a guest without registering or logging in.