Threat actors have stolen credit cards belonging to 1,813,224 customers of four affiliated online sports gear sites.
Below are the affected websites:
According to the law firm representing the four websites, the security breach took place on October 1st, 2021, but the websites discovered it on October 15. The attackers had access to the personal information and credit card information of the customers, including full CVV.
On November 29, 2021, the company confirmed that the personal and financial data of its customers were stolen, including
On December 16th, 2021 the four websites notified the affected customers. At this time the sites have yet to disclose the cause of the security breach.
Impacted users are recommended to monitor their bank account and credit card statements, and immediately report any suspicious transactions.
The bad and surprising news is that the website are not offering an identity protection service to the impacted customers.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, credit cards)
[adrotate banner=”5″]
[adrotate banner=”13″]