Camping World and Good Sam are companies under the same holding group, CWGS Group. Both companies sell recreational vehicles (RVs) and parts to upgrade and fix them.
The breach was someone gaining unauthorized access to specific CWGS internal systems, during which the hacker(s) accessed some very personal data about customers and employees. This included names, social security numbers, addresses, financial data, credit and debit card details, government IDs, and more.
The breach seems to have occurred with a phishing scam or firewall break. If a hacker compromised the companies’ firewall, it would have granted them practically unadulterated access to their systems. This also would have been possible through a phishing scam, in which they may have gained employee credentials that gave them access to the company databases.
This breach occurred between January 14, 2022, and February 13, 2022.
The breach seems to affect customers and employees of Camping World and Good Sam, though such data has yet to be released. In a notification sent to the Massachusetts Attorney General’s Office, the companies stated, “We conducted a comprehensive review of the involved data to determine if it contained any personal information. On July 20, 2022, we determined that the data contained personal information that included your name, together with your” and then proceeded to list the details leaked, which varied depending on the individual.
The notification letters did not explain how many individuals were affected, though they did outline a plan to keep victims safer now and in the future. The companies did, however, offer the victims two free years of credit monitoring.