- Green Bay Packers have notified customers about an incident in October 2024
- The threat actors installed a skimmer on the team’s online store.
- An unknown number of people lost their credit card information
Fans of the Green Bay Packers NFL team looking to purchase products on the team’s e-commerce site may have had their sensitive data stolen, including payment information, the team revealed.
In a data breach notification letter sent to affected customers, the team detected malicious code inserted into the Pro Shop website on October 23 and temporarily disabled all checkout and payment capabilities. It then hired third-party cybersecurity experts to investigate, who determined that an unknown threat actor had deployed a skimmer on the payment page, which was active during September 23-24 and October 3-24.
On those days, criminals managed to steal names, addresses (both billing and shipping), email addresses, credit card types, credit card numbers, credit card expiration dates, and credit card verification numbers. credit cards. More than enough for wire fraud, identity theft, phishing, and more.
Content and remediated
Purchases on the Pro Shop website that were made with a gift card, Pro Shop website account, PayPal or Amazon Pay were not affected, the company confirmed.
The incident has since been contained and remediated, Green Bay Packers said, adding that its IT team, along with outside cybersecurity experts, ensured the store was now secure. “We are also working with our vendors who host and manage the Pro Shop website to confirm improvements to their security protocols,” he said.
Customers are offered 36 months of free credit monitoring and identity theft restoration services through Experian, but they will have to enroll themselves, as the Green Bay Packers cannot activate the service on their behalf.
We don’t know exactly how many people could have been affected by this attack and there is currently no information about the misuse of stolen data anywhere on the dark web.
