Hackers are at it again

In late June, Ticketmaster announced that several of its sites had been compromised. Recent research reveals that this breach was only a small part of a massive credit card-skimming hack.

Here’s what you need to know about the Ticketmaster breach:

What happened?
Sites, like Ticketmaster, often rely on a third-party code that is hosted on other sites to support their own payment systems. If this code is breached on its host site, every site that uses the code will be compromised. That’s what happened with Ticketmaster. Several Ticketmaster websites ran code from Inbenta, a customer support software company. When Inbenta was hacked, the sensitive information of these customers was compromised.

Inbenta claimed only these Ticketmaster customers had been affected by the hack. However, cybersecurity firm RiskIQ has found that some of Ticketmaster’s global sites – including its U.S. site – were running code from SocialPlus, another third-party company that had been compromised by the same group that hacked Inbenta.

RiskIQ has stated that more than 800 international e-commerce sites have been compromised in this hack. That’s because any website that relied on code hosted on Inbenta or SocialPlus was also compromised.

To execute the hack, scammers changed the code on the host sites to skim the credit card information being entered at checkout on the e-commerce sites.

RiskIQ identified Magecart as the hacking group behind the attacks. This group has been active since December 2016, and RiskIQ has been tracking them for nearly as long.

According to a threat researcher at RiskIQ, this breach has a larger impact than any other credit card breach to date. The cybersecurity firm disclosed that close to 100 top-tier sites have been breached.

What should I do if my information has been compromised?

• Place a fraud alert on your credit bureau reports. This will warn creditors that you may have been victimized by identity theft.
• Consider a credit freeze. This will make it much harder for a hacker to open new credit in your name.
• Alert the Federal Trade Commission. Let the FTC know you’ve been hacked at ftc.gov.
• Tell Heartland. We’ll help you determine your next step and help guide you.
• Review your account statement regularly. If you find any suspicious transactions, report them immediately!
• Set up E-Alerts and/or E-Notices via online banking or the mobile app so you can stay up to date on the activity of your choice.

Scammers never take a break so make sure you stay informed and – again – contact us here at Heartland if you see anything suspicious on your account.