Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Roberts Hawaii tour company hacked, credit card and personal info exposed

The tour company Roberts Hawaii is warning its customers about a security breach that may affect people who purchased tours and other services on its website. Did you visit the Hawaii in last year? The tour company Roberts Hawaii is warning its customers about a data breach that may affect people who purchased tours from July […]

Roberts Hawaii tour company hacked, credit card and personal info exposed

The tour company Roberts Hawaii is warning its customers about a security breach that may affect people who purchased tours and other services on its website.

Did you visit the Hawaii in last year? The tour company Roberts Hawaii is warning its customers about a data breach that may affect people who purchased tours from July 2015 to December 2016. It is a very long period, but there is no information about the number of affected customers.

The Roberts Hawaii company offers tours along with school bus services, airport shuttles, and other transportation packages.

Compromised records include name, address, email address, phone number, payment card number, expiration date and card security code.

The tour company discovered the security breach after customers reported fraudulent charges on their credit cards.

“The tour company found out about the hack after getting reports of fraudulent charges on customers’ credit cards. The charges appeared shortly after the customers made purchases on Roberts Hawaii’s website.” reported the Hawaii News Now.

Roberts Hawaii

According to the investigators, the charges appeared shortly after the customers have purchased a tour on the website of the Roberts Hawaii.

“Roberts Hawaii received reports from several customers of fraudulent charges appearing on their payment cards shortly after they were used to make a purchase on its website.” reads the security advisory published by the company. “Roberts Hawaii immediately initiated an investigation and engaged a leading cyber security firm to examine their website network.”

The cyber criminals have compromised the web server of the company with a malicious code that copied customers’ data during the checkout procedure.

According to the Roberts Hawaii company, orders placed between July 30, 2015, and Dec. 14, 2016, may have been affected.

Roberts Hawaii confirmed to have stopped the security breach, it removed the malware installed on its server and shut down the affected payment collection pages.

“All payment collection pages on the compromised server were replaced entirely with third party online booking software and Roberts Hawaii is also taking steps to further strengthen the security of its website to help prevent a similar incident from happening in the future.”  continues the advisory published by the company. 

In order to mitigate the exposure of its customers, the company has established a dedicated call center ((877) 235-0796) and web page to answer customer questions.

“Our customers’ confidence and trust are important to us, and we sincerely apologize for any inconvenience or concern this may have caused. We are working swiftly to address this situation and help prevent a future recurrence,” said Wayne Fernandez, director of safety and security for Roberts Hawaii, in a news release.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – cybercrime, data breach)