Petco acknowledges that customers' personal data was exposed due to security breach.

Petco, a leading provider of pet products and services, announced on Wednesday that a security incident exposed some of its customers personal data. The company disclosed the breach in a filing with the California attorney generals office.

The state shared a sample notification letter that Petco is sending to customers impacted by the breach. According to the letter, Petco found a configuration within one of our software applications that unintentionally allowed certain files to be publicly accessible online. The company stated that it discovered the issue internally and promptly acted to resolve the problem and remove the files from online access.

The notification did not detail the specific types of customer data affected.

Petco spokesperson Ventura Olvera told TechCrunch that the company has provided additional information to those whose data was involved. Olvera did not answer follow-up questions regarding the number of affected customers or the nature of the exposed information.

California law mandates reporting of data breaches affecting 500 or more residents, implying that at least 500 Petco customers in the state were impacted. Notifications have also been sent to an unspecified number of people in Massachusetts, as well as three individuals in Montana, according to state sources.

Petco is offering complimentary credit and identity monitoring services to affected individuals. California regulations require companies to provide such resources when sensitive data like drivers license or Social Security numbers may have been exposed.

The company stated that it has corrected the applications settings after identifying the issue and has implemented additional security measures and technical controls to strengthen the protection of its software systems.

Author: Chloe Ramirez