A famous wrestling t-shirt selling website called Pro Wrestling Tees has revealed a data breach attack that has compromised the credit card details of thousands of its customers.
Pro Wrestling Tees is an online marketplace that enables professional wrestling entertainers to set up their stores to sell various merchandise such as posters, action figures, memorabilia, t-shirts, and more to their supporters. The breached platform also organises meetups for fans to meet their favourite entertainers, increasing the site’s popularity among numerous wrestling communities.
In a data breach advisory distributed to affected people, Pro Wrestling Tees notified law enforcement agencies last November that a minimal portion of its clients’ credit card numbers had been compromised.
According to the online store’s breach notification, they immediately deployed extensive investigation in their system and concluded that malware was the initiator of the data breach. Fortunately, they have removed the malware from their system and did not find any evidence of any current customer information being compromised.
However, the credit cards stolen by the malware infection stored full names and credit card numbers along with CVV codes of the customers. Although it is unclear how the credit cards were nicked, investigators believed the cause was the recent hack powered by a skimmer script that can steal credit cards during checkout.
Credit card skimmers are tiny snippets of code that disguises themselves on website element and operate when customers are on the checkout page to exfiltrate details entered on the order form. As of now, compromised individuals are urged by experts to employ one year of identity theft protection and credit card monitoring services.
However, several users from Reddit revealed that they had lost thousands of dollars due to their cards being stolen, while others stated their bank obstructed their transaction and flagged them as fraud entities.
The credit card details stolen by the malware are already being abused in the cybercriminal ecosystem. Therefore, affected customers should track their credit cards to avoid potential fraudulent acts in the future.