Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers’ payment card details.
Threat actors were able to steal payment card data by implanting a software skimmer on its website.
Sea Ticket discovered the security breach in April 2021 and immediately launched an investigation with the help of a forensics firm. Took down the unauthorized access. The company completely eradicated the malware from its website on January 8, 2022.
The attackers obtained data provided by the customers while purchasing event tickets on the See Tickets website between June 25, 2019, and January 8, 2022. Stolen data includes name, address, zip code, payment card number, card expiration date, and CVV number.
The company pointed out that Social Security numbers, state identification numbers, or bank account information were not exposed because the company doesn’t store them.
While its investigation continues and not certain about the customer information was affected, we are notifying you out of an abundance of caution based on available information.
See Tickets Worked with Visa, MasterCard, American Express, and Discover to identify the impacted transactions.
See Tickets warns that users should check their recent bank and/or credit card statements for any unauthorized charges. Users are recommended to immediately notify their financial institution if they see suspicious activity.
At this time it still unclear the number of impacted customers.