TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Credit card info of 1.8 million people stolen from sports gear sites
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Phishing attacks impersonate Pfizer in fake requests for quotation
New stealthy DarkWatchman malware hides in the Windows Registry
This $19 bundle helps fill your résumé with CompTIA certifications
Western Digital warns customers to update their My Cloud devices
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
Credit cards
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers.
While not much is known about the attack, a law firm representing the four websites stated that personal information and credit card information, including full CVV, were stolen on October 1st, 2021.
The affected websites are the following:
The sites first learned of the breach on October 15th, and after an investigation, confirmed on November 29th the customers that had their payment information stolen.
The details that have been compromised as a result of this incident are the following:
After the conclusion of the investigation, the websites sent notices to the affected individuals on December 16th, 2021.
None of the published notices to impacted customers provide any details on the nature of the incident, so the actual means of obtaining the data remains unknown.
However, as the description states, “External system breach (hacking),” this appears close to be a database breach rather than the implantation of card skimmers on the websites, although both scenarios are likely.
Whatever the case is, if you have purchased anything from these four websites, you should treat incoming communications with vigilance, monitor your bank account and credit card statements, and report any suspicious transactions immediately.
“Upon becoming aware of the incident, Tackle Warehouse took the measures referenced above. We also reported the incident to the payment card brands in an attempt to prevent fraudulent activity on the affected accounts,” reads Tackle’s notification letter to customers.
“We also reported the incident to law enforcement and have worked closely with the digital forensics firm to enhance the security of our sites to facilitate safe and secure transactions.”
Unfortunately, the affected customers have not been offered an identity protection service this time, even though the compromised data is extremely sensitive information.
We have reached out to all the affected entities to learn more about the attack, and we will update this post as soon as we receive a response.
Costco discloses data breach after finding credit card skimmer
Volvo Cars discloses security breach leading to R&D data theft
Cox discloses data breach after hacker impersonates support agent
Marine services provider Swire Pacific Offshore hit by ransomware
Utah medical center hit by data breach affecting 582k patients
Not a member yet? Register Now
Upgraded to log4j 2.16? Surprise, there’s a 2.17 fixing DoS
New stealthy DarkWatchman malware hides in the Windows Registry
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source

You May Also Like

CISA warns critical infrastructure to stay vigilant for ongoing threats

Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flawsNew ransomware now…

Windows 10 App Installer abused in BazarLoader malware attacks

HPE says hackers breached Aruba Central using stolen access keyFBI warns of…

Interpol arrests over 1,000 suspects linked to cyber crime

Hackers exploit Microsoft MSHTML bug to steal Google, Instagram credsApple sues spyware-maker…

Microsoft previews new endpoint security solution for SMBs

ALPHV BlackCat – This year’s most sophisticated ransomwareSonicWall ‘strongly urges’ customers to…