A data breach that happened at a US e-commerce website, PulseTV, may involve massive data theft. It is analyzed that more than 200,000 consumer credit records would have been compromised. Further, the breach persisted between November 2019 to August 2021. However, it was identified only in December 2021.
According to an official statement by the retailer, the breach can be classified as an external system breach but might not be confirmed based on the available information.
Migliaccio & Rathod LLP is presently conducting an inquiry into the incident. The March 2021 incident also led to unauthorized credit card transaction processing through compromising customer payment details.
Evidently, PulseTV consumers who had bought products on the official website using a credit card during the period between November 1, 2019, and August 31, 2021, might have been impacted by the data breach.
The hack involved the attackers planting Javascript skimmers within the checkout page on the retailer’s official website. However, when notified by Visa, PulseTV was unable to pinpoint the issue immediately.
When cyber hackers attack retail websites, what they target is critical customer information. The information acquired is sold for a heavy price. Personal identifying information is highly valuable in the black market. In some of the previous attacks of a similar manner, stolen credit cards were utilized to buy products. It is alarming that cyber incidents are on the rise in the US and across the world.
Moreover, the retailer had informed the public that they would be migrating to another payment system. This move was necessary after the cyber threat came to light. More details on the hack are expected from the retailer in the immediate days.
The data that may have been subjected to the hack include:
- Full name
- Shipping Information
- Email ids
- Payment card numbers
- Payment card expiry date, and
- Payment card security code (CVV)