Share this article on:
Golf club manufacturing giant Topgolf Callaway Brands Corp is currently investigating a cyber incident that has led to the data of over 1 million of its customers being compromised.
A notice of the breach issued by the Office of the Maine Attorney General states that the incident, which occurred on 1 August, was an “external system breach (hacking)”.
The attack was discovered just over two weeks later, on 16 August, with a total number of affected customers reaching 1,114,954 across the Callaway, Odyssey, Ogio and Callaway Golf Pre-owned websites.
Data affected in the breach included names, email addresses, phone numbers, mailing addresses, order history, account passwords and security question answers.
The company has said that no full payment card numbers or any government identification, such as Social Security numbers, were compromised, as they are not stored by TopGolf Callaway.
“Upon learning of the incident, Topgolf Callaway initiated an investigation with the assistance of external advisors and notified law enforcement,” said TopGolf Callaway in a notice to its customers.
“Thankfully, due to the quick work of our team, we detected this incident early and took steps to contain it.
“Our customers experienced a temporary outage before our e-commerce services resumed.”
The company has said it has taken numerous steps to secure data and improve its security systems, including disabling security questions and forcing password resets, adding additional layers of protective security and improving security protocols. In addition, Topgolf Callaway has said that it is continuing to work with external advisers.
Outside of the information provided by the Office of the Maine Attorney General that the incident was a breach of systems by an external party or a “hack”, not much is known about the nature of the breach.
Topgolf Callaway has an annual revenue of over US$1.2 billion and is based in over 70 countries with over 25,000 staff.