Warner Music Group online stores hit by look-like Magecart attack

Warner Music Group (WMG) disclosed a data breach affecting US-based e-commerce stores, the compromise appears to be a Magecart attack.

Warner Music Group (WMG) is a major music company with interests in recorded music, music publishing and artist services. The company has disclosed a data breach that impacted customers’ personal and financial information, the incident affected several US-based e-commerce stores.

The attack took place in April 2020 and according to the experts it looks like a Magecart attack.

“We are writing to let you know that a cybersecurity incident involving a number of e-commerce websites operated by Warner Music Group (“WMG”) through an external service provider may have allowed an unauthorized third party to acquire a copy of personal information you entered into those websites.” reads notice of data breach letter filed with the Office of the Attorney General in the state of California.

The attack impacted multiple e-commerce websites that Warner Music Group operates via a third-party service provider. The websites were compromised by hackers that were able to siphon personal information entered by the customers into the sites between April 25, 2020 and August 5, 2020.

“On August 5, 2020, we learned that an unauthorized third party had compromised a number of US-based e-commerce websites WMG operates but that are hosted and supported by an external service provider,” continues the data breach notification.

“This allowed the unauthorized third party to potentially acquire a copy of the personal information you entered into one or more of the affected website(s) between April 25, 2020 and August 5, 2020.”

Exposed data included the customers’ names, email addresses, telephone numbers, billing addresses, shipping addresses, and payment card details (card number, CVC/CVV, and expiration date).

A preliminary investigation conducted by Warner Music Group doesn’t exclude that the data has been exfiltrated by the hackers for this reason the company is recommending affected individuals to remain vigilant and report any anomalous activity to their bank accounts.

Warner Music Group added that payments through PayPal on the compromised websites were not affected.

“Upon discovering the incident we immediately launched a thorough forensic investigation with the assistance of leading outside cybersecurity experts and promptly took steps to address and correct the issue,” continues the note. “We also notified the relevant credit card providers as well as law enforcement, with whom we continue to cooperate.”

WMG is offering one year of free identity monitoring services through Kroll to the affected customers.

The company is still investigating the attack with the help of cybersecurity experts and announced that it is putting in place additional measures to prevent future incidents.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Warner Music Group)

[adrotate banner=”5″]

[adrotate banner=”13″]