Business Fake Payment Page Tricks Rooster Teeth Customers - Rooster Teeth hacked December 2nd, data including credit cards compromised. People not told till now.

  • ⚙️ Performance issue identified and being addressed.
  • Want to keep track of this thread?
    Accounts can bookmark posts, watch threads for updates, and jump back to where you stopped reading.
    Create account
www.infosecurity-magazine.com

Fake Payment Page Tricks Rooster Teeth Customers

Fake Payment Page Tricks Rooster Teeth Customers. Another e-com site is hit by digital skimming/phishing raid
www.infosecurity-magazine.com www.infosecurity-magazine.com
(http://archive.md/8e2yh)

A US entertainment company has become the latest brand to have its e-commerce store attacked in a data harvesting raid using malicious JavaScript and phishing techniques.

Texas-based Rooster Teeth makes podcasts, animated shows and short-form content for distribution, but also has a Shopify-based online store which sells merchandise.

It was this site that was compromised at the start of the month, according to a breach notice from the firm.

“On December 2, 2019, Rooster Teeth discovered that malicious code had been added to the site earlier the same day. The malicious code directed users entering a checkout on the site to a spoofed web page where they were asked to enter payment card details in order to complete their purchases,” it explained.

“This was inserted after the stage at which users entered their shipping data. Users who completed the payment card details page were then directed to the real web page, where they were asked to complete the forms again. We removed the malicious code from the site and took other steps to secure the site against further unauthorized access.”

The incident was fortunately spotted swiftly by the firm’s IT team and therefore affected only a “limited number” of customers.

However, those who did get caught in the incident will have had their name, email address, telephone number, physical address, and/or payment card information including expiration dates and security codes stolen.

Rooster Teeth is offering these customers Experian credit monitoring services for a year.

The incident calls to mind a similar attack discovered in November, when hackers went after the Australian Commonwealth Bank with malicious JavaScript which redirected customers to a phishing payment page.

In the meantime, more traditional Magecart attacks continue to cause major problems for online stores. The most recent brands to be hit include Macy’s and Smith & Wesson.
 
Last edited by a moderator:
Click to expand...
It took people 15 days to learn that their personal information was compromised by malicious code. That's lousy customer service and I hope someone got fired because of that.
 
So, now instead of wasting your money on subpar wannabe anime and froot-loops with hipster hair, you can unwittingly donate it to needy people in foreign countries via credit card theft.

Frankly, seems like a far better use of your money.
 
Last edited:
REGENDarySumanai said:
It took people 15 days to learn that their personal information was compromised by malicious code. That's lousy customer service and I hope someone got fired because of that.
Click to expand...
That's why i feel it's news. RT has been so trash for the last few years, this is just icing on the cake.

Why not inform customers right away, especially at Christmas when people are buying shit all over the place.
 
Monty Oum rose up from the grave alright. Rose up to point and laugh at all the speds at Rooster Teeth fucking up without him in the picture.
 
Jaded Optimist said:
Why not inform customers right away, especially at Christmas when people are buying shit all over the place.
Click to expand...

And risk people panic canceling their orders, and subscriptions in the most profitable time of the year, all while losing a lot of money while people try to keep their hard-earned money safe? Nah! Who do you think they are? A company with actual integrity that respects its customers and values having their trust?

Sarcasm aside, it would be one thing if one employe kept it from their higher-ups. But if they, as a company, were aware of it, it's hard not to be suspicious and think they waited out warning until the last second, out of fear of losing that sweet Christmas season money, so people busy with the holidays would be less likely to panic cancel.


It's just speculation, and I have no proof, but it does seem that way.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom