Hammer Nutrition

The California Office of the Attorney General disclosed a data breach affecting Hammer Nutrition in January 2019. The incident originated on January 1, 2018, when unauthorized actors gained access to the company’s systems by deploying malware on its website provider’s servers. This breach specifically targeted customer payment card information, exposing sensitive financial data. The prolonged exposure (over a year) heightened risks of fraudulent transactions and identity theft for affected customers. While the exact number of impacted individuals was not specified, the compromise of payment card details including credit/debit card numbers posed significant financial and reputational risks. The breach was attributed to a cyber attack leveraging malware, with no evidence of ransomware involvement. The company likely faced regulatory scrutiny, customer distrust, and potential financial liabilities due to the failure to secure third-party infrastructure.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-143424

TPRM report: https://www.rankiteo.com/company/hammerdachli

"id": "ham024091825",
"linkid": "hammerdachli",
"type": "Cyber Attack",
"date": "1/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Nutrition/Health',
                        'location': 'California, USA',
                        'name': 'Hammer Nutrition',
                        'type': 'Company'}],
 'attack_vector': "Malware (on website provider's servers)",
 'data_breach': {'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Payment card information'},
 'date_detected': '2019-01-02',
 'date_publicly_disclosed': '2019-01-02',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving Hammer Nutrition on January 2, 2019. The '
                'breach began on January 1, 2018, and involved unauthorized '
                'access to customer payment card information due to malware '
                "placed on the website provider's servers.",
 'impact': {'data_compromised': ['Payment card information'],
            'identity_theft_risk': 'High (payment card data exposed)',
            'payment_information_risk': 'High',
            'systems_affected': ["Website provider's servers"]},
 'initial_access_broker': {'entry_point': "Website provider's servers "
                                          '(malware)',
                           'high_value_targets': 'Payment card data'},
 'post_incident_analysis': {'root_causes': "Malware on website provider's "
                                           'servers leading to unauthorized '
                                           'access to payment card data'},
 'references': [{'date_accessed': '2019-01-02',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Office of '
                                                       'the Attorney General'},
 'response': {'law_enforcement_notified': 'Yes (California Office of the '
                                          'Attorney General)'},
 'title': 'Hammer Nutrition Data Breach (2018-2019)',
 'type': 'Data Breach'}

Hammer Nutrition

Facebook: Phishing Scams Exploit Browser Attacks to Steal Facebook Passwords

AZ Monica: Antwerp’s AZ Monica hospital hit by cyber attack

Poland’s power system: Massive cyberattack on Polish power system in December failed, minister says