RBS and NatWest banks are issued fresh debit cards to up to 40,000 customers whose personal and financial details were compromised in June last year after hackers inserted a malicious software into TicketMaster UK’s website to steal user data on a giant scale.
Back in June, Ticketmaster UK announced that by inserting a malicious software in one of its customer support products, suspected hackers covertly exported personal and financial data of around 5 percent of its customers to a remote server.
Hackers breached third-party software to commit breach
The breach took place after hackers installed a malicious software in a customer support product hosted by Inbenta Technologies, an external third-party supplier. Using the malicious software, the hackers then skimmed names, addresses, email addresses, telephone numbers, payment details and Ticketmaster login details of around 40,000 Ticketmaster UK customers.
According to security firm RiskIQ, the cyber attack was carried out by a hacker group known as Magecart. The group used a similar technique to steal personal and payment information of around 380,000 people who made bookings and changes between August 21 and September 5 on British Airways’ website and mobile application.
According to the firm, Magecart has been active at least since 2015 and constantly targets major companies using tried-and-tested skimming tactics. Aside from British Airways, Newegg, and TicketMasterUK, the group successfully targeted Home Depot and Target as well to obtain payment card information of a large number of people.
At the time when the hack took place, Inbenta’s product was running on Ticketmaster International, Ticketmaster UK, GETMEIN! and TicketWeb websites and affected customers who purchased, or attempted to purchase, tickets between February and June 23 and international customers (except those in North America) who purchased, or attempted to purchase, tickets between September 2017 and June 23 last year.
Banks issuing fresh debit cards to prevent fraud
According to the Scottish Sun, RBS and NatWest banks are now contacting their customers and issuing fresh debit cards to them so that hackers cannot use their stolen financial information to commit fraud.
“We’ll soon be sending you new debit card. We’re doing this following a data breach at Ticketmaster last year, as we know you used your debit card listed above with them. It’s just a precaution we take for you and all customers in similar circumstances to make sure your account is kept safe and secure,” read the letters being sent to affected customers.
“Our priority is to make sure our customers’ data is secure. Following the data breach disclosed by Ticketmaster, we are proactively reissuing cards to all impacted cardholders. We have also put in place additional levels of security to protect our customers and continue to monitor the situation very closely,” said an RBS spokesperson.