Wilson's Gun Shop, Inc. d/b/a Wilson Combat

The Washington State Office of the Attorney General disclosed a data breach at Wilson Combat (Wilson's Gun Shop Inc.) on September 12, 2022, caused by malware infiltrating the company’s servers. The incident exposed sensitive information of 3,788 customers in Washington who made purchases between September 17, 2020, and February 3, 2022. Compromised data included names, addresses, and credit card details, posing risks of financial fraud and identity theft. The breach stemmed from a cyber intrusion, likely involving unauthorized access to payment systems or customer databases. While the exact method of malware deployment remains undisclosed, the attack highlights vulnerabilities in the company’s cybersecurity defenses, particularly in safeguarding payment processing infrastructure. The exposure of financial data—especially credit card information—raises concerns over potential fraudulent transactions, reputational damage, and regulatory scrutiny. Customers affected may face long-term risks, including phishing attempts and unauthorized account access. The breach underscores the critical need for robust security measures in industries handling sensitive payment data.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=13825

TPRM report: https://www.rankiteo.com/company/wilson-combat

"id": "wil245082125",
"linkid": "wilson-combat",
"type": "Cyber Attack",
"date": "9/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '3,788 (Washington customers)',
                        'industry': 'Firearms and Accessories',
                        'location': 'Washington, USA',
                        'name': "Wilson's Gun Shop Inc. d/b/a Wilson Combat",
                        'type': 'Retail (Gun Shop)'}],
 'attack_vector': 'Malware',
 'data_breach': {'number_of_records_exposed': '3,788',
                 'personally_identifiable_information': ['names', 'addresses'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Payment Card Information']},
 'date_publicly_disclosed': '2022-09-12',
 'description': 'The Washington State Office of the Attorney General reported '
                "a data breach involving Wilson's Gun Shop Inc. d/b/a Wilson "
                'Combat on September 12, 2022. The breach occurred due to '
                'malware downloaded onto servers, affecting 3,788 customers in '
                'Washington who made purchases between September 17, 2020, and '
                'February 3, 2022, with potentially compromised names, '
                'addresses, and credit card information.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'credit card information'],
            'identity_theft_risk': 'Potential',
            'payment_information_risk': 'High',
            'systems_affected': ['servers']},
 'post_incident_analysis': {'root_causes': 'Malware downloaded onto servers'},
 'references': [{'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Washington State '
                                                        'Office of the '
                                                        'Attorney General']},
 'title': "Data Breach at Wilson's Gun Shop Inc. d/b/a Wilson Combat",
 'type': 'Data Breach'}