Heimdal
article featured image

Contents:

See Tickets, the ticketing provider company, announced that they have discovered a long-lasting data breach on their website. Customers have been warned that cybercriminals might have stolen their credit card details.

The data exfiltration has been made through a skimmer, a snippet of JavaScript code injected on the order checkout page.

Details about the Breach

In the data breach notification issued by See Tickets, the company stated that the data breach was discovered in April 2021, and it was completely removed from the website only on January 8, 2022.

During the investigation made with the support of a forensics firm, it was found that the infection happened on June 25, 2019, making the total duration of the exposure slightly more than 2.5 years.

The incident was further explored with the involvement of Visa, MasterCard, American Express, and Discover, until See Tickets concluded on September 12, 2022, that hackers may have reached users’ credit card information.

The information that was exposed is:

  • Full names
  • Physical address
  • ZIP code
  • Payment card number
  • Card expiration date
  • CVV number

The company claims that no Social Security Numbers, state identification numbers, or bank account information were compromised as a result of this incident because they are not stored in its systems.

“The number of the impacted customers is unknown, and See Tickets hasn’t clarified if skimmers infected only the global site or any of the other five domains it operates for regional audiences in the U.S., Canada, and Europe”, according to BleepingComputer.

Customers are advised to be aware of any unapproved credit card transactions and to supervise credit card statements for suspect charges. Other possible cyberattacks fueled by this breach are identity theft and phishing emails.

Unfortunately, See Tickets has not offered a free-of-charge identity protection service for the impacted individuals, so exposed customers were left on their own to deal with the consequences of the security breach.

Source

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.

Leave a Reply

Your email address will not be published. Required fields are marked *

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE