National Baseball Hall of Fame Hit By Payment Card Stealing Attack

National Baseball Hall of Fame Hit By Payment Card Stealing Attack


The web site for the National Baseball Hall of Fame in Cooperstown, NY was hacked to include a malicious MageCart script that stole the payment information of customers who purchased items on the site.


According to a notification filed with California's security breach notification service, the National Baseball Hall of Fame's web site had a malicious script injected into their online store between November 15, 2018 and May 14, 2019.


"The National Baseball Hall of Fame (“Hall of Fame”) values and respects the privacy of your information, which is why we are writing to advise you of a recent incident that may have involved some of your personal information," the notification alerted affected users. "On June 18, 2019, we learned that some of your information could have been obtained by an unauthorized third-party that placed malicious computer code on the Hall of Fame web store (shop.baseballhall.org) e-commerce system. The code may have targeted certain personal information of customers who made a credit card purchase via the web store between November 15, 2018 and May 14, 2019."


The information that could have been stolen includes a customer's name, address and credit or debit card information, including the CVV code.


It should be noted that this attack only affected customers who purchased items from the web site and not in the museum itself.


If you purchased anything from the National Baseball Hall of Fame web site located at https://baseballhall.org/, you should report the situation to your credit card company and monitor your statement for fraudulent purchases.


Payment information stolen by a MageCart attack 


Attackers gained access to the Hall of Fame's web site and injected ..

Support the originator by clicking the read the rest link below.