The Green Bay Packers online store breached, customer information compromised

Paolo Aldrighetti via Unsplash

The Green Bay Packers is notifying fans of a breach against its online store, which may have impacted the personal and/or financial data of customers. Compromised information may include:

Names
Addresses (billing and shipping)
Email addresses
Credit card type, number, verification code and expiration date

Steve Povolny, Senior Director of Security Research at Exabeam, comments, “As a long-time Packer fan growing up in Wisconsin, this definitely caught my eye. While script injection and card skimming are age-old techniques for data theft, the original point of entry remains unknown. Whether a server-side vulnerability such as XSS (Cross-site scripting), social engineering such as phishing, or a configuration issue on login/authentication, it is important to remember that both the original points of entry and all follow-up vectors must be monitored and tracked. Even if an attacker manages to get in, so long their actions afterward can be profiled or detected, ultimate harm can be avoided or at least alerted earlier. Regardless, I’m calling a penalty on this play, ‘unnecessary hacking.’ At least they didn’t get our cheese curds.”

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jordyn Alger is the managing editor for Security magazine. Alger writes for topics such as physical security and cyber security and publishes online news stories about leaders in the security industry. She is also responsible for multimedia content and social media posts. Alger graduated in 2021 with a BA in English – Specialization in Writing from the University of Michigan. Image courtesy of Alger