The Green Bay Packers organization has disclosed a data breach affecting thousands of customers who made purchases on their official online store, packersproshop.
The incident, attributed to malicious code planted by an unauthorized third party, compromised sensitive customer information, including credit card details.
On October 23, 2024, the Packers were alerted to the presence of malicious code embedded on the checkout page of their Pro Shop website.
This code, inserted by a third-party threat actor, potentially allowed unauthorized access to customer data entered during transactions.
Upon discovery, the organization immediately disabled payment and checkout functions and launched a comprehensive investigation with the assistance of external cybersecurity experts.
The investigation revealed that the breach occurred over two separate periods: September 23-24, 2024, and October 3-23, 2024. During this time, customers using certain payment methods were vulnerable to data exposure.
However, purchases made using gift cards, PayPal, Amazon Pay, or Pro Shop accounts were not impacted.
Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free
What Information Was Compromised?
According to fillings, the breach may have exposed critical personal and financial information entered during checkout.
This includes:
- Customer names
- Billing and shipping addresses
- Email addresses
- Credit card types
- Credit card numbers
- Expiration dates
- Credit card verification numbers
The organization emphasized that alternative payment methods such as gift cards and third-party platforms like PayPal were not affected.
The Green Bay Packers acted swiftly to contain the breach. They collaborated with cybersecurity experts and their website hosting vendor to remove malicious code and secure their systems.
Measures included refreshing passwords, addressing vulnerabilities in the checkout process, and enhancing overall security protocols.
To support affected individuals, the Packers are offering complimentary access to Experian’s credit monitoring and identity theft restoration services for three years.
Customers must enroll in these services themselves to activate protection.
The Packers encourage potentially affected customers to monitor their financial accounts for unusual activity and take advantage of the free credit monitoring services provided.
The organization has vowed to continue improving its security infrastructure to prevent future incidents.
“We deeply regret this incident and the inconvenience it may have caused our loyal fans,” stated a Packers spokesperson.
“Protecting our customers’ personal information is a top priority, and we are committed to taking all necessary steps to ensure their data is safeguarded.”
This breach highlights the growing sophistication of cyberattacks targeting e-commerce platforms.
Customers are urged to remain vigilant and take proactive measures to protect their personal information in light of this incident.
Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates!