Petco’s Vetco Clinics website experienced a data leak exposing sensitive customer and pet information due to a security vulnerability. The incident highlights ongoing cybersecurity issues within Petco, marking their third breach in 2025. #InsecureObjectReference #VetcoDataLeak
Keypoints
- Petco’s Vetco Clinics website was vulnerable to a security lapse that exposed customer data.
- The leak was caused by an insecure direct object reference (IDOR) allowing unauthorized access to files.
- Exposed data included personal, medical, and pet-specific information such as addresses, health records, and microchip numbers.
- This is the third data breach Petco has experienced in 2025, involving various sensitive information.
- Petco has not disclosed detailed measures taken after the breach, but they claim to be strengthening security.