The California Office of the Attorney General disclosed a data breach affecting AeroGrow International between May 13, 2015, and June 10, 2015. The incident exposed sensitive customer information, including names, addresses, payment card details, and expiration dates, impacting approximately 1,000 individuals. The breach compromised personal and financial data, raising concerns over potential fraud and identity theft risks for affected customers. While the exact method of the breach (e.g., phishing, system vulnerability, or external cyber attack) was not detailed, the exposure of payment card information suggests a significant financial and reputational threat. The company was required to notify affected individuals and likely faced regulatory scrutiny under California’s data protection laws. No evidence suggested ransomware involvement or broader systemic disruption, but the leak of customer financial data aligns with high-severity incidents under data protection frameworks. The breach underscores vulnerabilities in handling sensitive consumer information, particularly in e-commerce or retail sectors where payment data is a prime target for cybercriminals.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-56988
TPRM report: https://www.rankiteo.com/company/aerogrow
"id": "aer410082025",
"linkid": "aerogrow",
"type": "Breach",
"date": "5/2015",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '1,000',
'name': 'AeroGrow International',
'type': 'Company'}],
'data_breach': {'number_of_records_exposed': '1,000',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['personal information',
'payment card data']},
'date_publicly_disclosed': '2015-07-09',
'description': 'The California Office of the Attorney General reported a data '
'breach involving AeroGrow International. The breach occurred '
'between May 13, 2015, and June 10, 2015, potentially '
'affecting customer personal information, including names, '
'addresses, payment card details, and expiration dates. '
'Approximately 1,000 individuals were affected.',
'impact': {'data_compromised': ['names',
'addresses',
'payment card details',
'expiration dates'],
'identity_theft_risk': 'Potential',
'payment_information_risk': 'High'},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': 'AeroGrow International Data Breach (2015)',
'type': 'Data Breach'}