Outdoor Smart! (Campfire Collective) Data Breach Affects 19,864 People

Outdoor Smart! Inc., which operates the Campfire Collective website, recently experienced a significant data breach that exposed sensitive payment information for thousands of individuals across the United States. The breach impacted a total of 19,864 people, including at least six residents of Maine.

The security incident was discovered on Nov. 3, 2025, when Outdoor Smart! Inc. was alerted to unusual activity on its Campfire Collective website by its payment processing partner. Upon investigation with third-party cybersecurity specialists, the company identified unauthorized code embedded on its website. This malicious code was designed to capture payment card information from customers making purchases.

The unauthorized code was present on the Campfire Collective website from Feb. 15, 2024, through Nov. 4, 2025. During this period, the code may have captured the following personally identifiable information (PII): name, card type, card number, expiration date and CVC. Outdoor Smart! Inc. confirmed that the code was removed on Nov. 4, 2025, and that the threat had been contained.

The breach was officially confirmed on Dec. 4, 2025, and affected individuals began receiving written notifications on Dec. 19, 2025. The company disclosed the breach to the California, Maine and Vermont Attorney Generals' offices in December 2025, in accordance with state laws.

Outdoor Smart!'s response

Following the discovery of the breach, Outdoor Smart! acted quickly to remove the unauthorized code and engaged external cybersecurity experts to investigate and secure its systems. The company has completed its containment and remediation efforts and is reviewing its existing policies and procedures to further strengthen its cybersecurity posture.

To support those affected, Outdoor Smart! is offering 24 months of complimentary credit monitoring and identity restoration services through Epiq.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Outdoor Smart! or a company that does business with Outdoor Smart! .
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.