HawksShop.com Compromised by Card Skimming Malware
Who: Atlanta Hawks’ online shop
# of Accounts Breached: undetermined
What was affected: Customers names, addresses and payment card numbers.
When it happened: Started on June 6, 2017
How it happened: Cybercriminals using Magecart card-skimming code attacked the online store of the NBA’s Atlanta Hawks, stealing customers names, addresses, and payment card numbers.
The Sanguine Labs team at Sanguine Security identified the offending code on the store’s checkout page on Saturday, April 20, according to a post on the security company’s website. But research from RiskIQ following this public disclose revealed that the website, HawksShop.com, had been compromised far longer than that.
Outcome: As of 1 p.m. ET on April 24, HawksShop.com was temporarily down for maintenance, presumably to fix the issue.