Petco has reported a data breach that exposed customer personal information, as revealed in a filing with California’s attorney general. The company identified a flaw in one of its software applications that allowed certain files to be accessed online. Petco discovered this issue independently and acted quickly to remove the files. However, the notification letter to customers did not detail what specific types of personal information were compromised. Spokesperson Ventura Olvera confirmed that the company provided more information to those directly affected but did not clarify how many customers were impacted or what data was exposed. California law mandates disclosure for breaches affecting 500 or more residents, indicating that at least that many customers in California are involved. Petco has also reached out to some customers in Massachusetts and three individuals in Montana. To mitigate potential harm, Petco is offering free credit and identity theft monitoring services to affected customers. This is particularly relevant under California law, which requires companies to provide support if sensitive information, such as driver’s license numbers or Social Security numbers, is compromised. In its letter, Petco mentioned that it corrected the application settings and has taken additional security measures, though specifics on these measures were not provided.