Packers_Pro_Shop

Thousands of credit cards stolen in Green Bay Packers store breach

Teilen:

​American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach.

In breach notification letters sent to affected individuals this week, the National Football League (NFL) team said it immediately disabled all checkout and payment capabilities after being notified on October 23 that the packersproshop.com website was breached.

While the letters didn’t share the number of impacted customers impacted, the football team said in documents filed with Maine’s Attorney General on Monday that the incident affected 8,514 people.

A follow-up investigation found that the attackers injected a credit card stealer in the store’s checkout page to harvest personal and payment information. However, the Packers said the attacker couldn’t intercept information from any payments made using gift cards, a Pro Shop website account, PayPal, or Amazon Pay.

“We also immediately required the vendor that hosts and manages the Pro Shop website to remove the malicious code from the checkout page, refresh its passwords, and confirm there were no remaining vulnerabilities,” the Packers’s Director of Retail Operations Chrysta Jorgensen explained.

“Based on the results of the forensic investigation, on December 20, 2024 we discovered that the malicious code may have allowed an unauthorized third party to view or acquire certain customer information entered at the checkout that used a limited set of payment options on the Pro Shop website between September 23-24, 2024 and October 3-23, 2024.”

The breach impacted information entered on the Pro Shop website at checkout, including names, addresses (billing and shipping), email addresses, credit card types and numbers, card expiration dates, and credit card verification numbers (CVVs).

The Packers has yet to share how the threat actor hacked its Pro Shop website; however, Dutch e-commerce security company Sansec, which spotted the Packers store breach in early October, found that the card skimming attack used YouTube’s oEmbed feature and a JSONP callback to bypass the Content Security Policy (CSP).

​”In this attack, a script was injected from https://js-stats.com/getInjector. This script harvested data from input, select, and textarea fields on the site, exfiltrating the captured information to https://js-stats.com/fetchData,” Sansec said in a December 31 report.

The NFL team offers affected people three years of identity theft restoration and credit monitoring services through Experian and advises them to track their account statements for fraudulent activity.

Anyone observing identity theft or fraud attempts should report them to their bank and the appropriate authorities, including the Federal Trade Commission (FTC) and the state attorney general.

In September 2022, the San Francisco 49ers also notified over 20,000 individuals that attackers stole their personal information (including Social Security numbers) in a February 2022 breach later claimed by the Blackbyte ransomware gang.

Quelle

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
12:25 am, Juli 7, 2025
Wetter-Symbol 17°C
L: 16° | H: 18°
broken clouds
Luftfeuchtigkeit: 71 %
Druck: 1007 mb
Wind: 10 mph WNW
Windböe: 0 mph
UV-Index: 0
Niederschlag: 0 mm
Wolken: 75%
Regen Chance: 0%
Sichtbarkeit: 10 km
Sonnenaufgang: 4:52 am
Sonnenuntergang: 9:18 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Today 10:00 pm
Wetter-Symbol
16° | 18°°C 0.99 mm 99% 13 mph 85 % 1015 mb 0 mm/h
Tomorrow 10:00 pm
Wetter-Symbol
13° | 24°°C 0.2 mm 20% 11 mph 76 % 1020 mb 0 mm/h
Mi. Juli 09 10:00 pm
Wetter-Symbol
15° | 26°°C 0 mm 0% 6 mph 66 % 1023 mb 0 mm/h
Do. Juli 10 10:00 pm
Wetter-Symbol
19° | 31°°C 0 mm 0% 8 mph 63 % 1024 mb 0 mm/h
Fr. Juli 11 10:00 pm
Wetter-Symbol
20° | 30°°C 0 mm 0% 12 mph 54 % 1023 mb 0 mm/h
Today 1:00 am
Wetter-Symbol
16° | 17°°C 0 mm 0% 9 mph 71 % 1007 mb 0 mm/h
Today 4:00 am
Wetter-Symbol
16° | 17°°C 0.31 mm 31% 8 mph 75 % 1007 mb 0 mm/h
Today 7:00 am
Wetter-Symbol
14° | 15°°C 0.99 mm 99% 10 mph 85 % 1008 mb 0 mm/h
Today 10:00 am
Wetter-Symbol
17° | 17°°C 0.33 mm 33% 12 mph 53 % 1011 mb 0 mm/h
Today 1:00 pm
Wetter-Symbol
22° | 22°°C 0 mm 0% 13 mph 37 % 1012 mb 0 mm/h
Today 4:00 pm
Wetter-Symbol
20° | 20°°C 0 mm 0% 10 mph 41 % 1013 mb 0 mm/h
Today 7:00 pm
Wetter-Symbol
20° | 20°°C 0 mm 0% 7 mph 45 % 1014 mb 0 mm/h
Today 10:00 pm
Wetter-Symbol
17° | 17°°C 0 mm 0% 11 mph 49 % 1015 mb 0 mm/h
Name Preis24H (%)
Bitcoin(BTC)
€92,673.42
0.87%
Ethereum(ETH)
€2,183.43
2.04%
Fesseln(USDT)
€0.85
0.00%
XRP(XRP)
€1.93
2.32%
Solana(SOL)
€129.06
2.82%
USDC(USDC)
€0.85
0.00%
Dogecoin(DOGE)
€0.146015
4.53%
Shiba Inu(SHIB)
€0.000010
2.86%
Pepe(PEPE)
€0.000008
3.59%
Nach oben scrollen