Promo.com Data Breach - FAQ
What happened?
On July 21, 2020, our team became aware that a data security vulnerability on a 3rd party service had caused a breach affecting certain non-finance related Slidely and Promo user data. We immediately stopped all suspicious activity and launched an internal investigation to further learn about what happened.
What are we doing about it?
We take this occurrence and the security of your information very seriously. We are taking action to protect you and the rest of our community in the following ways:
We are sending you this update with recommendations on what you should do.
We have completely removed the vulnerable 3rd party service.
We’ve hired a top cyber security firm to further reinforce our protections.
We continuously enhance our safeguards and systems that detect and prevent unauthorized access to user accounts.
What information could have been impacted by this incident?
First and foremost, no financial data, including credit cards and billing information was exposed as we do not store it on our servers.
The exposed data includes first name, last name, email address, IP address, approximated user location based on the IP address, gender, as well as encrypted, hashed and salted password to the Promo or Slidely account. Although your account password was hashed and salted (a method used to secure passwords with a key), it’s possible that it was decoded.
Your Log in via your social media account was not affected.
Is it safe to continue using my Promo.com account?
Yes. Out of a precautionary measure we have notified all Promo.com customers who might have been affected and have recommended that they reset their passwords.
What you should do
As an immediate precautionary measure, you will be requested to change your Promo or Slidely password when you next log in to your account. We recommend that you change your password as soon as possible.
In order to keep your account safe please use this link: https://promo.com/forgot-password to and follow the steps to reset your password.
If you use the same or a similar password for other online accounts, we strongly recommend you change your password to protect those accounts as well.
For your convenience, please check out the best practices here
I have more questions about my account. Who can I talk to?
You may reach out to our 24/7 support team directly by emailing [email protected] and we will be happy to help with any questions or concerns.
For more information:
New York Department of State Division of Consumer Protection:
http://www.dos.ny.gov/consumerprotection (Consumer Helpline: (800) 697-1220)
NYS Attorney General at: http://www.ag.ny.gov/home.html
Federal Trade Commission at: www.ftc.gov/bcp/edu/microsites/idtheft/ (Helpline: 1-877-438-4338). 600 Pennsylvania Avenue, NW, Washington, DC 20580
Credit reporting agencies:
Equifax: www.equifax.com or 1-800-685-1111.
Equifax Information Services LLC
P.O. Box 105788 Atlanta, GA 30348-5788
Experian: www.experian.com or 1-888-397-3742
475 Anton Blvd.
Costa Mesa, CA 92626
TransUnion: www.transunion.com or 1-888-909-8872
P.O. Box 160
Woodlyn, PA 19094