Malware found to have been skimming customer card details for over a month

Filipino media and entertainment conglomerate ABS-CBN has closed two retail websites after a security researcher discovered that malware was being used to grab customers’ payment card details.

In a press statement earlier today, the company said it has temporarily taken down the ABS-CBN Store (store.abs-cbn.com) and the UAAP Store (uaapstore.com) following a report of a data breach at its online shopping facility.

The report in question came from Dutch researcher Willem de Groot, who said criminals had embarked on a browser-based card skimming operation since “at least” August 16.

“Personal information and credit cards are intercepted while people shop for merchandize for one of the 90+ television shows,” de Groot said in a blog post yesterday.

“The stolen data is sent onwards to a server registered in Irkutsk, Russia. The credit cards and identities are then (presumably) sold on the black market.”

While ABS-CBN said just 213 customers may have been affected by the incident, the broadcaster said its investigation was still ongoing.

Anyone who has purchased products from the sites over recent months is advised to carefully check their card statements for unauthorized payments.

“This data breach incident is isolated only to the ABS-CBN Store and the UAAP Store websites and does not affect other ABS-CBN digital properties,” the company said. “We have informed the National Privacy Commission and will be working closely with them.”

Drawing a thread between the ABS-CBN incident and the recent, high-profile data breaches at British Airways and Ticketmaster, de Groot said: “The methodology found at these crime scenes is the same: browser-based interception during the checkout process.

“This method is quickly gaining popularity because it defeats the security of encrypted connections (HTTPS/SSL).”


RELATED: Australian broadcaster linked to commercial data breach