At the end of June, online ticket company Ticketmaster confirmed that Inbenta, a third-party website supplier, suffered a security incident. However, researchers now reveal it was more complicated than it appeared, and definitely not a one-time attack, reported RiskIQ.
“Ticketmaster Germany, Ticketmaster Australia and Ticketmaster International (previously mentioned in the Inbenta breach) were also compromised via another completely different third-party supplier of functionality,” the firm said.
It seems website hacking has lost its glory and Magecart is a group that researchers are familiar with, having expressed concern about them in the past. The breach affected other providers including a social media integration company, a web analytics company and a CMS platform. According to research, the hackers have been sending the skimmed payment details to a server from as early as December 2016
“Our investigation following the Inbenta breach uncovered evidence that the Inbenta attack was not a one-off, but instead indicative of a change in strategy by Magecart from focusing on piecemeal compromises to targeting third-party providers like Inbenta to perform more widespread compromises of card data,” analysts wrote.