P2018-ND-043

Preferred Hotels & Resorts

On January 11, 2018, customers of the Organization reported experiencing suspected credit card fraud and believed that their purchases from OnePlus.net were potentially related to the fraudulent credit card activity. The Organization investigated, and found that an unknown attacker had injected a malicious script into the payment processing page of the Organization?s website. The malicious script intermittently captured credit card information entered by customers on the payment page during the period between November 21, 2017 and January 11, 2018.

File Type: pdf
Categories: 2018
Tags: Unauthorized access