iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Wisconsin-based NFL team, the Green Bay Packers, is currently informing its fans of a cyber attack that may have resulted in the exfiltration of personal data.
In a data breach notice, the NFL team said it detected malicious activity on its Pro Shop website in October, with investigations revealing that the data of its customers may have been compromised.
“On October 23, 2024, we were alerted to the presence of malicious code inserted on the Pro Shop website by a third-party threat actor,” said the notice.
“Immediately upon learning this, we temporarily disabled all payment and checkout capabilities on the Pro Shop website and began an investigation.”
According to the data breach notice, customers who used “a limited set of payment options” on the team’s Pro Shop site between 23-24 September and 3-23 October 2024 were affected.
Data includes purchase information, including customer names, billing and shipping addresses, email addresses, credit card types, credit card numbers, credit card expiration dates and credit card verification numbers.
“If you made purchases on the Pro Shop website using a gift card, Pro Shop website account, Paypal, or Amazon Pay, your information was not affected by this malicious code,” the notice said.
Following the breach, alongside launching the investigation, the Green Bay Packers disabled all payment and checkouts, engaged external cyber experts and requested that the vendor that runs the store remove the malicious codes and launch password resets.
“Our IT team, in conjunction with outside cyber security experts and the vendor that hosts the Pro Shop website, worked to successfully contain and remediate the security incident. Since that time, we have continued to take a number of steps to enhance our security protocols and controls, technology, and training.”
The notice does not mention if there is any evidence of the data being misused to date.
Be the first to hear the latest developments in the cyber industry.
