[BreachExchange] Madison Square Garden reveals year-long credit, debit card data breach

[Audrey McNeil]

http://www.nydailynews.com/new-york/manhattan/madison-
square-garden-reveals-credit-debit-card-data-breach-article-1.2883939

The Madison Square Garden Company says a year-long data breach compromised
credit and debit cards used at concession stands at several properties it
operates.

MSG alerted customers to the breach Tuesday, saying that the issue has been
cleared.

But Knicks and Rangers fans, as well as anyone who took in the Radio City
Christmas show last year may want to check with their bank.

Cards used to purchase merchandise and food and beverage items at Madison
Square Garden, the Theater at Madison Square Garden, Radio City Music Hall,
Beacon Theater, and Chicago Theater between Nov. 9, 2015 and Oct. 24, 2016
may have been affected.

“Findings from the investigation show external unauthorized access to MSG’s
payment processing system and the installation of a program that looked for
payment card data as that data was being routed through the system for
authorization,” a statement on the company’s website said.

The hackers were able to steal credit card numbers, cardholder names,
expiration dates and internal verification codes.

The breach did not affect Ticketmaster purchases or payments made on the
company’s website.

“MSG recognizes the importance of protecting customer data and deeply
regrets any inconvenience this incident may have caused its customers,” the
company said.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161122/37718be3/attachment.html>