Hackers are at it again! This time, they’re skimming information on third-party sites in what may be the largest credit breach ever.
To that end, in late June, Ticketmaster announced that several of its sites had been compromised. Recent research, though, has revealed that this breach was only a small part of a massive credit card-skimming hack that may have affected more than 800 e-commerce sites.
Here’s what you need to know about the Ticketmaster breach:
Ticketmaster revealed that customer information on several of its sites was compromised. The ticket-selling giant claimed no U.S. sites — or customers — had been hacked.
However, cybersecurity firm RiskIQ has said that more than 800 international e-commerce sites have been compromised in this hack.
Sites like Ticketmaster often rely on a third-party code that’s hosted on other sites to support their own payment systems. Third-party codes present a single point of failure. That means, if this code is breached on its host site, every site that uses the code will then be compromised.
That’s exactly what happened with Ticketmaster. Several of the ticket giant’s websites ran code from Inbenta, a customer support software company. When Inbenta was hacked, the sensitive information of these customers was compromised.
Though Inbenta claimed only these Ticketmaster customers had been affected by the hack, RiskIQ has found that some of Ticketmaster’s global sites – including its U.S. site – was running code from SocialPlus, another third-party that had been compromised by the same group that hacked Inbenta.
The breach gets even worse: All websites that relied on code hosted on Inbenta or SocialPlus were also compromised. The number of hacked sites has been estimated to reach 800.
The hack was executed quietly and efficiently. Scammers changed the code on the host sites to skim the credit card information being entered at checkout on the e-commerce sites. Since each code can be used on numerous sites, compromising this point can give hackers instant access to the information of 10,000 victims.
Who is behind the attack?
RiskIQ has identified Magecart as the hacking group behind the attacks. This group has been active since December 2016, and RiskIQ has been tracking them for nearly as long.
The hacking group targets software companies that provide codes for e-commerce websites. By altering these codes, the hackers can skim information from millions of customers every day.
According to Yonathan Klijnsma, a threat researcher at RiskIQ, the Ticketmaster breach has a larger impact than any other credit card breach to date.
While the cybersecurity firm did not name specific compromised sites beyond Ticketmaster, it did disclose that close to 100 top-tier sites have been breached, including large brands and popular online retailers.
What should I do if my information has been compromised?
Unfortunately, with the point of failure in this hack taking place at a third-party site, there’s not much you can do to protect your information from being compromised. However, by taking immediate action if you’ve been hacked, you can mitigate the damage to your credit and help law enforcement agents apprehend the hackers as quickly as possible.
If your information has been compromised, take the following steps:
- Place a fraud alert on your credit accounts. This will warn creditors that you may have been victimized by identity theft and make it harder for a scammer to use your credit identity.
- Consider a credit freeze. This will make it impossible for a hacker to open new credit in your name.
- Alert the Federal Trade Commission. Let the FTC know you’ve been hacked at ftc.gov.
- Tell your bank or credit union. Don’t forget to tell us that your information has been compromised. We’ll help you determine your next step and guide you until your credit has been cleared.
- Dispute fraudulent charges. If you find any suspicious charges on your credit account, dispute them immediately. To do this, contact the associated financial institution and file a police report as well.
Scammers never take a break. Make sure you know what to do if your information has been hacked!
Have you ever been the victim of a credit breach? Share your experience with us in the comments.