Tuesday, March 19, 2024

Sodexo Filmology Under Cyber Attack – Customers Need to Cancel Their Credit Cards

Cinema voucher-pusher Sodexo Filmology hit by a cyber attack that affected the customer’s Credit cards and many of the Sodexo customers being affected by this incident.

Cybercriminals targetted the system that hosted for Sodexo Filmology Cinema platform using the security flaws that presented within the system.

Attacker mainly focusing on the payment page and compromised many of the user’s accounts to steal the Credit Cards information over 2 months.

In this case, Sodexo released an official statement that says, “We would advise all employees who have used the site between 19th March-3rd April to cancel their payment cards and check their payment card statements”

Based on the affected Customer statement, this attack has been carried out for several months and he said “After speaking to Filmology to ask exactly what had happened, I was informed that my bank details were stolen from the payment page and that the incident has been reported to the ICO. The hack on the payment page was carried out over 2 months and involved many accounts.”

Attackers initiated 3 attempts on the victim’s credit card and later he aware of unauthorized access and he reported to the concerned bank, later they successfully blocked his credit card.

As of now this breach only affected customers in the UK and Ireland and they also said, company had previously been made aware of similar unlawful access to personal data on Sodexo Filmology platforms, and immediately notified the authorities, including law enforcement agencies, as well as affected customers.

Sodexo Filmology

Based on the company report, UK employee rewards via discounted cinema tickets has also taken its site down “for the foreseeable future” in order “to eliminate any further potential risk” to consumers and to protect consumers’ data.

These incidents have been caused by a targeted attack on the system we use to host our Cinema Benefits platform, despite having put in place a number of preventative measures with CREST-approved security specialists.”

“We sincerely apologize for any inconvenience this has caused you and are doing all that we can to provide access to your benefits via alternative means. We will share more information on this with you, or your provider, in the coming days, Sodexo Said.

Website

Latest articles

Hackers Exploiting Microsoft Office Templates to Execute Malicious Code

In a cyberattack campaign dubbed "PhantomBlu," hundreds of employees across various US-based organizations were...

How ANY.RUN Malware Sandbox Process IOCs for Threat Intelligence Lookup?

The database includes indicators of compromise (IOCs) and relationships between different artifacts observed within...

CryptoWire Ransomware Attacking Abuses Schedule Task To maintain Persistence

AhnLab security researchers detected a resurgence of CryptoWire, a ransomware strain originally prevalent in...

E-Root Admin Sentenced to 42 Months in Prison for Selling 350,000 Credentials

Tampa, FL – In a significant crackdown on cybercrime, Sandu Boris Diaconu, a 31-year-old...

WhiteSnake Stealer Checks for Mutex & VM Function Before Execution

A new variant of the WhiteSnake Stealer, a formidable malware that has been updated...

Researchers Hacked AI Assistants Using ASCII Art

Large language models (LLMs) are vulnerable to attacks, leveraging their inability to recognize prompts...

Microsoft Deprecate 1024-bit RSA Encryption Keys in Windows

Microsoft has announced an important update for Windows users worldwide in a continuous effort...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles