Patagonia has broken its silence on a hacking scandal affecting 12,500 customers.
In a statement to ragtrader.com.au, the outdoor clothing company said investigations into the matter are ongoing:
"Patagonia is committed to providing a safe and secure e-commerce shopping experience and deeply apologises for any inconvenience or frustration that this incident may have caused.
"The incident was effectively contained on the 12th of September and has now been resolved.
"Upon becoming aware of the potential threat, Patagonia promptly engaged outside forensic experts to investigate the incident and to assist us in developing a better understanding of the situation.
"We have already taken steps to strengthen our website security and are continuing to design and implement enhanced security measures in order to prevent this type of incident from recurring.
"Out of an abundance of caution, we decided to temporarily disable the Patagonia.com.au as we continued our investigation and implemented enhanced security measures.
"Furthermore, because we value our customers and their privacy, we are offering eligible customers one year of complimentary credit monitoring to help protect our customers and their personal information.
"Our investigation is ongoing, but at this time is appears that approximately 12,500 individuals, who registered an account of transacted on Patagonia's Australian e-commence website (patagonia.com.au), may have been impacted by a potential compromise to certain website registration data.
"While we have found no evidence of unauthorised access to this website registration data, we provided notice out of an abundance of caution because we value our customers and wanted to keep them informed and aware of steps that may be taken to help prevent future misuse.
"We believe that payment card transaction data may have also been put at risk for approximately 600 customers, who transacted on the Australian e-commerce site between the 4th of August and the 12th of September.
"We should note this issue is limited to Patagonia's Australian website (www.patagonia.com.au); other company domains are operated separately and were not affected.
"The incident has been reported to the Australian Federal Police as well as the Office of the Australian Information Commissioner, and we will continue to cooperate with appropriate authorities moving forward."