Credit cards stolen from Madison Square Garden venues in the last year

Pierluigi Paganini November 23, 2016

Madison Square Garden Company informed users that their payment card data may have been stolen by cybercriminals

Yesterday, the Madison Square Garden Company notified users that their payment card data may have been stolen by cybercriminals. According to the company, crooks have used a PoS malware on its payment processing system and have stolen payment card data used at the Madison Square Garden in the last year.

Hackers have stolen payment card data, including credit card numbers, cardholder names, expiration dates, and internal verification codes.

The Madison Square Garden company disclosed the security breach and clarified that only customers who physically used their card for food, drink or merchandise payments at its venues. According to the organization, online ticket and merchandise purchases did not expose customers.

MSG disclosed information on the attack neither information on the number of affected users.

The affected cards have been used between 9 November 2015 and 24 October 2016 at several Madison Square Garden venues, including the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater, and Chicago Theater.

madison-square-garden-breach

Below the official statement released by the Madison Square Garden

“Findings from the investigation show external unauthorised access to MSG’s payment processing system and the installation of a program that looked for payment card data as that data was being routed through the system for authorisation,” reads the statement.

“Data contained in the magnetic stripe on the back of payment cards swiped in person to purchase merchandise and food and beverage items at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater, and Chicago Theater between November 9, 2015 and October 24, 2016 may have been affected, including credit card numbers, cardholder names, expiration dates and internal verification codes. Not all cards used during this time frame were affected. This incident did not involve cards used on MSG websites, at the venues’ Box Offices, or on Ticketmaster.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Madison Square Garden, data breach)



you might also like

leave a comment