The Rooster Teeth Productions has suffered a data breach that exposed payment card information from shoppers. Hackers have stolen credit card and other payment data from users that made purchases on the company’s online store. The attack redirected shoppers to a fake payment form on checkout.
The production company is known for its popular shows and documentaries such as RTDocs, Crunch Time, Red vs. Blue, gen:LOCK, and Day 5.
The data breach took place on December 2nd, and the company discovered it the same day. The attackers injected a malicious script into the checkout page of the online store and developed it to redirect shoppers to a fake payment page under the control of the attackers.
“On December 2, 2019, Rooster Teeth discovered that malicious code had been added to the Site earlier the same day. The malicious code directed users entering a checkout on the Site to a spoofed webpage where they were asked to enter payment card details in order to complete their purchases. This was inserted after the stage at which users entered their shipping data. Users who completed the payment card details page were then directed to the real webpage, where they were asked to complete the forms again” reads the notice of data breach published on the company site.
Hackers have stolen customers’ names, email addresses, telephone numbers, physical addresses, and/or payment card information.
Rooster teeth removed this malicious code from their store on the same day.
Rooster Teeth has sent data breach notifications to customers who were affected by this breach. They are also offering a free 1-year Experian IdentityWorks subscription.
Impacted users should remain vigilant for fraudulent activities; furthermore, they must review payment card or personal account statements for unauthorized charges.
Secure Your Organization’s Mind with Securemind.se