Customer data for purchases made through the Garmin South Africa shop has been stolen, according to a notice sent to affected users by the company on 12 September.

“We recently discovered theft of customer data from orders placed through shop.garmin.co.za (operated by Garmin South Africa) that compromised your personal data related to an order that you placed through the website,” Garmin SA managing director Jennifer van Niekerk told customers.

The compromised data was limited to only Garmin’s South Africa site, and contained the following information:

  • Payment card number
  • Payment card expiration date
  • Payment card CVV number
  • First name
  • Last name
  • Physical address
  • Phone number
  • Email address

The stolen data is extensive, and contains all the information required to make purchases with the victims’ credit cards.

“We recommend that you review and monitor your payment card records to make sure there were no unauthorized purchases,” van Niekerk said.

Security and apology

Van Niekerk told affected users that they should contact their bank or payment card provider for direction if they suspect that criminals have used these stolen details to make fraudulent payments.

“As a valued customer, we apologize for this incident and assure you that Garmin takes our obligation to safeguard personal data very seriously,” she told customers.

MyBroadband asked Garmin how this information was compromised and what it has done to improve its security following the theft, but the company did not immediately respond to requests for comment.