A data breach has allowed attackers to steal the payment information including credit card information from online customers of Rooster Teeth.
The production company, discovered on December 2 that their online store was hacked, to which attackers had injected malicious script into the online store, subsequently redirecting users to a fake payment page controlled by the attackers.
“The malicious code directed users entering a checkout on the Site to a spoofed webpage where they were asked to enter payment card details in order to complete their purchases. This was inserted after the stage at which users entered their shipping data,” said the company’s data breach notification.
After the user has completed the payment card details, they are then redirected to the real webpage, where they are asked to complete the forms again.
This method allowed attackers to steal users’ full names, email addresses, telephone numbers, home addresses, and/or the payment information submitted.
After being identified, the malicious code was removed from the online store the same day.
Rooster Teeth has sent data breach notifications to all impacted customers. In addition, the company is offering a free 1-year Experian IdentityWorks subscription.
Those impacted are urged to contact their credit card merchant, and monitor statements for any suspicious activity.
The post #Privacy: Rooster Teeth Productions suffers data breach appeared first on PrivSec Report.