Skip to main content

Indoor Gardening Company AeroGrow May Have Had Data Breach 

By May 3, 2019May 19th, 2022Cybersecurity

Do you do any indoor gardening?  If so, odds are that you own AeroGrow equipment. If that’s the case, some of your personal information, including the credit or debit card number you paid for the goods with, may have been compromised.

The company recently notified its customers that they discovered malware lurking on their payment processing page.

For reasons that aren’t yet clear, the company did not detect the malicious code for some four months. They estimate that the malware was active between October 29, 2018 and March 4, 2019.

Aerogrow has notified the FBI and enlisted the aid of a third party to assist with the forensic investigation, which is ongoing.  At present, the company is unable to determine how many of its customer records were compromised.

To this point, they have confirmed that among impacted customers, the following information was taken:

  • Credit or Debit card number
  • Expiration date
  • Security Code
  • Any personal data the customer may have used to verify processing of the payment in question

Grey Gibbs, the AeroGrow Senior VP of Finance and Accounting issued a formal apology in the aftermath of the incident, saying, “I want to sincerely apologize for this incident and I regret any inconvenience it may have caused you.  I want to assure you that we take this criminal act very seriously and have addressed it thoroughly.”

The company’s response has been generally good, and they’ve offered a year of free credit monitoring to all impacted customers. However, that’s small consolation to those who now have to deal with the prospect that their identities may have been stolen and may face fraudulent charges on their credit cards in the weeks and months ahead.

If you’re an AeroGrow customer, to be safe, report your payment card as compromised and take whatever other steps you deem necessary to protect your identity.

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.