Payment system updated amidst fears 200,000 records may have been exposed
A data breach at US e-commerce website PulseTV may have exposed more than 200,000 customer credit card records.
In a letter filed with the Office of the Maine Attorney General, PulseTV said the breach persisted between November 2019 and August 2021 and was detected in December 2021.
The breach “appears to be an external system breach but could not be confirmed based on available data”, according to the statement.
Catch up with the latest data breach news
What is clearer is that a variety of sensitive information was exposed by the incident including “credit/debit card number (in combination with security code, access code, password or PIN for the account)”.
Affected customers were notified of the breach in late December 2021, according to PulseTV.
As seen on TV
The ‘as seen on TV’ product retailer reportedly detected the apparent breach after MasterCard told it that the site was a common point of purchase for customers who subsequently suffered from credit card fraud.
In response, PulseTV has migrated to a different payment card system and introduced stricter authentication controls.
The symptoms of the incident match those of earlier Magecart-style attacks that involve planting JavaScript skimmers within the checkout process of online stores.
The Daily Swig approached both PulseTV and its legal counsel for more information and confirmation on the specifics of the incident. There’s been no word back as yet, but we’ll update this story as and when more information comes to hand.
YOU MAY ALSO LIKE Indian authorities set to tighten data breach laws in 2022