Saturday, June 15, 2024

Sodexo Filmology Under Cyber Attack – Customers Need to Cancel Their Credit Cards

Cinema voucher-pusher Sodexo Filmology hit by a cyber attack that affected the customer’s Credit cards and many of the Sodexo customers being affected by this incident.

Cybercriminals targetted the system that hosted for Sodexo Filmology Cinema platform using the security flaws that presented within the system.

Attacker mainly focusing on the payment page and compromised many of the user’s accounts to steal the Credit Cards information over 2 months.

In this case, Sodexo released an official statement that says, “We would advise all employees who have used the site between 19th March-3rd April to cancel their payment cards and check their payment card statements”

Based on the affected Customer statement, this attack has been carried out for several months and he said “After speaking to Filmology to ask exactly what had happened, I was informed that my bank details were stolen from the payment page and that the incident has been reported to the ICO. The hack on the payment page was carried out over 2 months and involved many accounts.”

Attackers initiated 3 attempts on the victim’s credit card and later he aware of unauthorized access and he reported to the concerned bank, later they successfully blocked his credit card.

As of now this breach only affected customers in the UK and Ireland and they also said, company had previously been made aware of similar unlawful access to personal data on Sodexo Filmology platforms, and immediately notified the authorities, including law enforcement agencies, as well as affected customers.

Sodexo Filmology

Based on the company report, UK employee rewards via discounted cinema tickets has also taken its site down “for the foreseeable future” in order “to eliminate any further potential risk” to consumers and to protect consumers’ data.

These incidents have been caused by a targeted attack on the system we use to host our Cinema Benefits platform, despite having put in place a number of preventative measures with CREST-approved security specialists.”

“We sincerely apologize for any inconvenience this has caused you and are doing all that we can to provide access to your benefits via alternative means. We will share more information on this with you, or your provider, in the coming days, Sodexo Said.

Website

Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles