A popular wrestling t-shirt marketplace named Pro Wrestling Tees has suffered a data breach, resulting in the leakage of credit card data of tens of thousands of its customers.
The site after investigating the issue said that a malware virus was the cause, and removed it through forensic experts. While assuring that no personal data of its customers was stolen, it’s now offering the impacted customers a free one-year credit monitoring service to get alerted on any fraudulent transactions.
Stealing Credit Card Data
Pro Wrestling Tees is a popular pro wrestling t-shirt online marketplace, letting professional wrestlers form their mini-stores within the site and sell goods like shirts, posters, action figures, and more to their fans. The site often organizes fan meet-ups with wrestlers as guests, making it a popular thing in this industry.
Also Read- Pfizer Based Phishing Campaign in Wild
But this week, Pro Wrestling Tees started sending emails to its customers, notifying them about a data breach incident affecting tens of thousands of customers’ financial data. As per it, the Pro Wrestling Tees was informed by law enforcement on November 1st about a compromised portion of its customers’ data.
Pro Wrestling Tees letter concerning their November data breach (as some of you did not receive this correspondence) pic.twitter.com/GHriaqWau3
— Toru Yano Fan Account (@ToruYanoFanAcct) December 18, 2021
This led Pro Wrestling Tees to quickly start an internal investigation, and find out that a malware virus has caused this leak. A submission made to the Office of the Maine Attorney General on December 22, 2021, revealed that the data breach has affected over 31,000 customers!
While they rectified the issue by removing the virus immediately, the customers’ financial data like the stored credit card numbers, full names, and matching CVV codes were already stolen. Though Pro Wrestling Tees didn’t mention how the hack has actually happened, experts hint about a possible skimming script being embedded in the checkout page.
This attack could log customers’ card data when entered and export them to hackers when triggered. While assuring that no PII of customers was stolen, Pro Wrestling Tees is offering a free one-year identity theft protection and credit monitoring services through IDX, to the impacted customers.
