Polar Investigates Security Breach Impacting US Online Store
Polar is investigating a security incident that affected its online store in the United States. Initial reports indicate a potential compromise of a limited number of customer order details. The company’s early findings suggest that a small percentage of user accounts were accessed in this breach.
The investigation also revealed that fraudulent transactions were attempted using some compromised accounts. Furthermore, new fraudulent accounts, likely created using stolen information from a third-party database, were also used to attempt unauthorized purchases.
All Polar online stores’ login and registration functions have been temporarily disabled. However, customers can still make secure purchases as guest users.
Polar has confirmed that this security breach is confined to its US online store and does not impact other customer data, including sensitive information linked to Polar Flow accounts. Polar Flow, which tracks users’ fitness data and daily activity, remains unaffected by this incident.
Broader Industry Context
Polar is not the first company in the fitness and wearables industry to face a cybersecurity challenge. Other major players, including Garmin, have experienced significant hacking attempts and data breaches in recent years. Garmin, a global leader in GPS technology and wearables, was hit by a high-profile ransomware attack in 2020 that crippled its services for several days. This attack, attributed to the WastedLocker ransomware group, disrupted Garmin’s systems globally, including Garmin Connect, which many users rely on to sync their fitness data. Customers could not upload workout data, use the company’s aviation navigation services, or access other critical functionalities.
The Garmin incident, reportedly involving a multimillion-dollar ransom demand, was a wake-up call for the fitness technology sector. It underscored the vulnerability of companies that manage large volumes of user data and cloud-based services. Garmin’s response, which included gradually restoring services over several days and enhancing its security protocols, has since become a case study in cybersecurity resilience within the industry.
Indeed, only a few weeks ago, the hacking issue surfaced at a watch level with the Fenix 8, which hackers stated could now be manually taken over in the boot process. A few years ago, ethical hackers made 13 discoveries about Garmin’s need to improve security on over 100 watch variants.
These and other breaches highlight the escalating need for fitness tech companies to prioritize robust cybersecurity strategies. These platforms handle sensitive personal data such as health metrics, GPS locations, and payment information, so companies like Polar and Garmin are under increasing pressure to safeguard their systems from evolving cyber threats.
Next Steps
Polar is collaborating with its service provider and cybersecurity experts to assess the scope of the breach. If you are in the USA and wish to buy from the Poalr store directly, you must use a guest account.
Movements in polar devices 😉 thanks to FCC ..