CHARLOTTE — cbdMD, Inc., a producer and distributor of cannabidiol (CBD) products, revealed that its e-commerce platform underlying retail website cbdmd.com was modified by an unauthorized third-party to include malicious code, according to an 8-K filing with the Securities and Exchange Commission.
According to the securities filing, “the malicious code created a risk that customer-input elements on the webpage may have been skimmed by an unauthorized third-party.” cbdMD said it could not confirm what customer data may have been affected. The company will be providing notice of the incident to customers who may be at risk starting Monday. The potentially at-risk customers will also be offered one year of identity monitoring for free.
cbdMD has notified federal law enforcement and is cooperating with their investigation.
The company has also implemented security measures hoping to prevent similar incidents in the future.
The North Carolina Business News Wire reached out for further comment and has not heard back by the time of publication.
The 8-K filing is available here.
This story is from the North Carolina Business News Wire, a service of UNC-Chapel Hill’s Hussman School of Journalism and Media