Tuesday, March 19, 2024

Sodexo Filmology Under Cyber Attack – Customers Need to Cancel Their Credit Cards

Cinema voucher-pusher Sodexo Filmology hit by a cyber attack that affected the customer’s Credit cards and many of the Sodexo customers being affected by this incident.

Cybercriminals targetted the system that hosted for Sodexo Filmology Cinema platform using the security flaws that presented within the system.

Attacker mainly focusing on the payment page and compromised many of the user’s accounts to steal the Credit Cards information over 2 months.

In this case, Sodexo released an official statement that says, “We would advise all employees who have used the site between 19th March-3rd April to cancel their payment cards and check their payment card statements”

Based on the affected Customer statement, this attack has been carried out for several months and he said “After speaking to Filmology to ask exactly what had happened, I was informed that my bank details were stolen from the payment page and that the incident has been reported to the ICO. The hack on the payment page was carried out over 2 months and involved many accounts.”

Attackers initiated 3 attempts on the victim’s credit card and later he aware of unauthorized access and he reported to the concerned bank, later they successfully blocked his credit card.

As of now this breach only affected customers in the UK and Ireland and they also said, company had previously been made aware of similar unlawful access to personal data on Sodexo Filmology platforms, and immediately notified the authorities, including law enforcement agencies, as well as affected customers.

Sodexo Filmology

Based on the company report, UK employee rewards via discounted cinema tickets has also taken its site down “for the foreseeable future” in order “to eliminate any further potential risk” to consumers and to protect consumers’ data.

These incidents have been caused by a targeted attack on the system we use to host our Cinema Benefits platform, despite having put in place a number of preventative measures with CREST-approved security specialists.”

“We sincerely apologize for any inconvenience this has caused you and are doing all that we can to provide access to your benefits via alternative means. We will share more information on this with you, or your provider, in the coming days, Sodexo Said.

Website

Latest articles

Beware Of Free wedding Invite WhatsApp Scam That Steal Sensitive Data

The ongoing "free wedding invite" scam is one of several innovative campaigns aimed at...

Hackers Using Weaponized SVG Files in Cyber Attacks

Cybercriminals have repurposed Scalable Vector Graphics (SVG) files to deliver malware, a technique that...

New Acoustic Keyboard Side Channel Attack Let Attackers Steal Sensitive Data

In recent years, personal data security has surged in importance due to digital device...

Discontinued WordPress Plugin Flaw Exposes Websites to Cyber Attacks

A critical vulnerability was discovered in two plugins developed by miniOrange.The affected plugins,...

ShadowSyndicate Hackers Exploiting Aiohttp Vulnerability To Access Sensitive Data

A new Aiohttp vulnerability has been discovered, which the threat actor ShadowSyndicate exploits.Aiohttp...

Hackers Launching AI-Powered Cyber Attacks to Steal Billions

INTERPOL's latest assessment on global financial fraud uncovers the sophisticated evolution of cybercrime, fueled...

Fujitsu Hacked – Attackers Infected The Company Computers with Malware

Fujitsu Limited announced the discovery of malware on several of its operational computers, raising...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles