Warner victim of customer payment card hack for three months on e-commerce sites
A number of e-commerce websites owned by Warner Music Group were targeted by “an unauthorized third party” earlier this year, who may have stolen the customer’s payment card details.
The “card skimming” attack took place between April 25, 2020 and August 5, 2020.
In a recent data breach notice sent to customers, Warner wrote: âOn August 5, 2020, we learned that an unauthorized third party had compromised a number of US-based e-commerce websites that WMG operates. but which are hosted and supported by an external provider. This allowed the unauthorized third party to potentially acquire a copy of the personal information you entered on one or more of the affected websites between April 25, 2020 and August 5, 2020. â
WMG added, âWhile we cannot definitively confirm that your personal information was affected, it is possible that this was the case when your transactions took place during the period of compromise. If it did, it could have put you at risk of fraudulent transactions being made using your details.
Warner cautioned consumers that any personal information entered into one or more of the websites during the period after an item is placed in their shopping cart is “potentially acquired by the unauthorized third party.”
These details could include customer names, email addresses, phone numbers, billing addresses, and payment card details (including card number, CVC / CVV, and expiration date. ).
The large music company told its customers, âWe want to stress up front that the protection of personal information is very important to us, and we deeply regret that this incident has happened.
“We want to stress up front that the protection of personal information is very important to us, and we deeply regret that this incident has occurred.”
Warner Music Group
Warner has confirmed that customers who paid through PayPal were not affected by the incident.
The company added in its notification: âUpon discovery of the incident, we immediately launched a thorough forensic investigation with the assistance of leading external cybersecurity experts and promptly took action to address and correct the problem. We have also informed the relevant credit card providers as well as law enforcement agencies, with whom we continue to cooperate. “
In addition, it offers its customers identity monitoring services through Kroll for 12 months, free of charge.Music trade around the world