(Image from ABS-CBN PR website)

Technology news website ZDNet reported on a possible data breach affecting customers of ABS-CBN online store.

ZDNet quoted Dutch security researcher Willem “gwillem” de Groot that a “payment skimmer” that has been active since August must have been the culprit and might have stolen customers’ “financial data.” He also confirmed that the skimmer is still active.

The hack must have been made possible by a malware, hidden within a JavaScript file, that intercepts the checkout process. It also “scrapes financial information of payment cards used by customers attempting to buy merchandise from the store.”

The report further states that the financial data are said to be sent to a “server registered in Irkutsk, Russia.”

This breach, according to the security expert pass a semblance to the recent British Airways and Ticketmaster data breaches.

The site is currently inaccessible.

UPDATE:

In a statement, ABS-CBN confirmed the data breach and said that the investigation is still ongoing. It also confirmed that customers’ credit card details have been compromised.

“The data breach is isolated to ABS-CBN Store and UAAP Store websites and does not affect other ABS-CBN digital properties.”

If further states that there may have been 213 customers whose information has been stolen. The breach has already been reported to the National Privacy Commission, an independent body tasked to monitor and ensure compliance of the country with international standards set for data protection.

ABS-CBN advises its customers not to give out any information to anyone claiming to be from the company.

ABS-CBN Online Store is hosted on the Russian Network coffeemokko.com.

A security expert from cybersecurity firm RiskIQ confirmed to ZDNet that the attack was conducted by Magecart, which also attacked the British Airways earlier this month. Magecart is a threat group that has been around for three years. Its history of attacks showed its penchant for “compromising online stores” and utitlizng JavaScript to confuse anti-virus software to evade any detection.