Attackers Steal Credit Cards in Rooster Teeth Data Breach (Dec 13, 2019)
Rooster Teeth Productions, the production company behind popular web series “Red vs. Blue” and “Crunch Time,” has suffered a data breach caused by a malicious script injected into the company’s online store, which allowed a threat actor to steal payment card and personal information from shoppers. According to the data breach notification, the script redirected shoppers to a fake payment page under the threat actor’s control, where the actor could capture a customer’s full name and payment card data, as well as email address, home address, and telephone number. The code was discovered on the website on December 2, 2019, and was removed from the store the same day. The statement did not include the number of customers affected, but those impacted were notified and offered a free 1-year credit monitoring service.
Recommendation: Customer-facing companies that store credit card data must actively defend against PoS threats and stay on top of industry compliance requirements and regulations. All PoS networks should be aggressively monitored for these types of threats. In the case of infection, the affected networks should be repopulated. Furthermore, customers should be notified as soon as possible and potentially offered fraud protection to avoid negative media coverage and reputational damage.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.