Web skimmer attack against See Tickets impacts over 300K

SecurityWeek reports that more than 300,000 individuals had their data compromised following a web skimmer attack against international ticketing services firm See Tickets, which was identified in May but only mitigated in July. Attackers were able to exfiltrate user information, including names, addresses, and payment card details from a number of See Tickets e-commerce checkout pages that have been infected with malicious code from Feb. 28 to July 2, according to a data breach letter filed with the Maine Attorney General's Office. While there has been no evidence to suggest misuse of the compromised data, impacted individuals have been urged to be vigilant of potential identity theft and fraud incidents. Additional security measures to better secure payment card data and other webpage-stored information, said See Tickets. Such a disclosure comes nearly a year after See Tickets reported a web skimmer attack impacting the same kinds of user data, which was only taken down in January 2022 despite being discovered in April 2021.