Anyone who’s bought beer at a Knicks game recently may want to call their bank. Madison Square Garden (MSG) Company reported that payment card information was stolen from customers at shows or sporting events at MSG venues over the past year. The company has not yet disclosed how many people were affected by the attack. That said, several unnamed financial institutions spotted a pattern of fraudulent activity at MSG POS (point of sale) systems at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater and the Chicago Theater. MSG confirmed that unauthorized persons accessed POS data between Nov 2015 and Oct 2016. MSG says the malware has been removed from its system and that not all cards processed during that period were affected, but since these are such large venues, hundreds of thousands of people may have had their credit card information stolen.
This attack resembles many of the high-profile hacks from 2014 like Target, Home Depot and Neiman Marcus. This kind of POS RAM scraping seems to have fallen out of vogue in the past several months as ransomware attacks have grown in popularity and cybercriminals targeted other organizations like healthcare providers and law firms. But it’s very clear that POS attacks haven’t gone completely MIA.
Read the full story on SC Magazine here: https://www.scmagazine.com/rangers-knicks-rockettes-fans-hacked-in-msg-data-breach/article/574880/