June 28, 2018
The information stolen most often in data breaches has led to an evolution in the fraud online merchants face, but a network intrusion affecting the U.K. unit of ticketing company Ticketmaster is a reminder that hackers are still interested in—and target—payment card information. Even though the increasing theft of username/password combinations has made account takeover fraud one of the fastest growing fraud types merchants are currently facing, it is clear that bad actors have not abandoned stolen credit cards and all the ways they can monetize them.
In a statement, Ticketmaster said it found malicious software installed in the system of one of its third-party suppliers that was gathering “personal or payment information” from its customers. The company said its customers in North America have not been affected.
While account takeover fraud has become a major concern, the incident at Tickemaster illustrates that thieves have not abandoned older tactics. Stolen payment card data still has value to fraudsters and merchants will still experience attacks like card testing, clean fraud and others.