NEWYou can now listen to Fox News articles!

Petco revealed a data breach that exposed sensitive customer information. The company disclosed the details in state filings after identifying a configuration in one of its software applications that made certain files accessible online. This issue has now been corrected, but the impact is significant.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter

THIRD-PARTY BREACH EXPOSES CHATGPT ACCOUNT DETAILS

A dog looking at a laptop with on the Petco website.

Petco disclosed a breach that exposed customer data after a software setting left files accessible online. (Photographer: Tiffany Hagler-Geard/Bloomberg via Getty Images)

What Petco says the breach exposed

According to reports filed with the Texas attorney general’s office, the exposed data included names, Social Security numbers, driver’s license numbers, financial account details, credit or debit card numbers and dates of birth. Filings in California, Massachusetts and Montana confirm additional affected residents.

In California, companies must report breaches involving at least 500 state residents. Petco did not disclose the exact number, which suggests the real total is higher. For context, Petco said in 2022 that it served more than 24 million customers.

Petco says the company sent notifications to individuals whose information was involved. The sample notice released by the California attorney general explains that a software setting allowed certain files to be accessible online. Petco says it removed those files, corrected the setting and added new security measures.

The company is offering free credit and identity theft monitoring to victims in California, Massachusetts and Montana. It is not clear if similar support is being offered to affected Texas residents.

We reached out to Petco for comment, and a representative provided CyberGuy with the following statement,

“We recently identified a setting in one of our applications which inadvertently made certain Petco files accessible online. Upon identifying the issue, we took immediate steps to correct the error and began an investigation. We notified individuals whose information was involved and continue to monitor for further issues. We take this incident seriously. To help prevent something like this from happening again, we have taken and will continue to take steps to enhance the security of our network.”

What this breach means for you

A breach that exposes government IDs, financial numbers and birth dates creates long-term risks. Criminals use this mix of information to open accounts, take over existing ones or try to pass identity checks. Even if no fraud happens right away, exposed data can sit in criminal markets for years.

Ways to stay safe after a breach like this

You can take several steps today that help lower your risk and protect your identity going forward.

1) Place a credit freeze

A freeze blocks new credit accounts in your name. It also stops criminals from opening loans or credit cards with your stolen information. You can freeze your credit for free at Equifax, Experian and TransUnion.

2) Add two more freezes

Two additional freezes cover accounts that do not run through the major credit bureaus. Freeze ChexSystems to stop criminals from opening checking or savings accounts. Freeze NCTUE to block fake phone, cable or utility accounts.

3) Turn on account alerts

Set up alerts for banking, credit cards and online shopping accounts. Alerts help you spot suspicious activity fast.

4) Use a password manager

Strong passwords protect you from credential stuffing attacks. This happens when criminals take stolen passwords from one breach and try them on other sites. A password manager creates unique passwords for every account and helps you stop those attacks before they start.

Next, see if your email has been exposed in past breaches. Our #1 password manager (see Cyberguy.com) pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

5) Monitor your identity

If Petco offered you free identity theft monitoring, enroll as soon as possible. It helps you catch fraud that can happen months or years later.

Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com

WHY YOUR HOLIDAY SHOPPING DATA NEEDS A CLEANUP NOW

State filings show Petco customers had Social Security and financial information exposed in the breach. (Photo by Justin Sullivan/Getty Images)

6) Remove exposed personal data

Data broker sites collect and share personal details that fuel scams. Removing your information reduces your exposure and makes you a harder target.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

WHY SCAMMERS OPEN BANK ACCOUNTS IN YOUR NAME

Petco says it corrected the software issue and notified individuals whose information was compromised. (Photo by Paul Weaver/SOPA Images/LightRocket via Getty Images)

7) Watch for phishing and use strong antivirus software

Scammers often follow a breach with emails or texts that look real. Slow down and check every message before you click. A strong antivirus helps block malicious links and alerts you when something looks risky.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaways

Data breaches happen often, but this one involves information that can cause lasting harm. You can protect yourself with a few quick steps that reduce the chance of fraud and limit how far criminals can get with your data.

How much trust do you place in companies to protect your personal information? Let us know by writing to us at Cyberguy.com

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.