Green Bay Packers' online store hacked to steal credit cards

SUMMARY :

A threat actor breached the Green Bay Packers' official online retail store in October, injecting a card skimmer script to steal customers' personal and payment information. The attack, discovered on October 23, 2024, targeted the packersproshop.com website. The malicious code, inserted in the checkout page, could access customer data between late September and early October 2024. Affected information includes names, addresses, email addresses, and credit card details. The team disabled payment capabilities upon discovery and hired cybersecurity experts to investigate. The skimming attack utilized JSONP callback and YouTube's oEmbed feature to bypass Content Security Policy. The Packers are offering three years of credit monitoring and identity theft restoration services to affected customers.

OPENCTI LABELS :

data breach,e-commerce,credit card theft,card skimmer,content security policy bypass


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Green Bay Packers' online store hacked to steal credit cards