U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

See Tickets discloses data breach, customers’ credit card data exposed

International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details. Threat actors were able to steal payment card data by implanting a software skimmer on its website. The company discovered […]

See Tickets

International ticketing services company See Tickets disclosed a data breach that exposed customers’ payment card details.

Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details.

Threat actors were able to steal payment card data by implanting a software skimmer on its website.

The company discovered the security breach in April 2021 and immediately launched an investigation with the help of a forensics firm. The company completely eradicated the malware from its website on January 8, 2022.

See Tickets

“See Tickets was alerted to activity indicating potential unauthorized access by a third party to certain event checkout pages on the See Tickets website in April 2021. We promptly launched an investigation with the assistance of a forensics firm and took steps to shut down the unauthorized activity. Our response efforts had multiple phases and resulted in the complete shutdown of the unauthorized activity in early January 2022.” reads a data breach notification sent to the impacted customers. “On September 12, 2022, we determined the event may have resulted in unauthorized access to the payment card information of certain of our customers. While our investigation continues and we are not certain your information was affected, we are notifying you out of an abundance of caution based on available information.”

According to the company, the attackers obtained data provided by the customers while purchasing event tickets on the See Tickets website between June 25, 2019, and January 8, 2022. Stolen data includes name, address, zip code, payment card number, card expiration date, and CVV number.

The company pointed out that Social Security numbers, state identification numbers, or bank account information were not exposed because the company doesn’t store them.

See Tickets worked with Visa, MasterCard, American Express, and Discover to identify the impacted transactions.

See Tickets warns that users should check their recent bank and/or credit card statements for any unauthorized charges. Users are recommended to immediately notify their financial institution if they see suspicious activity.

At this time it still unclear the number of impacted customers.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, See Tickets)

[adrotate banner=”5″]

[adrotate banner=”13″]