US online store PulseTV revealed a large-scale customer credit card compromise. According to the notification letter shared with the Maine attorney general’s office, more than 200,000 buyers have been affected.
The platform discovered a potential VISA violation on March 8, 2021, which informed them that unauthorized credit card transactions were taking place on the site.
After performing some security checks and scanning for malware, PulseTV could not identify any issues with its e-commerce website.
However, the problem persisted when law enforcement contacted them a few months later about payment card compromises that appeared to originate from pulsetv.com.
The company responded with a new round of surveys, this time using the services of a third-party specialist.
On November 18, 2021, investigators “learned that the website had been identified as a common point of purchase for a number of unauthorized credit card transactions for MasterCard.”
Information that may have been compromised is as follows:
- Full Name
- Delivery address
- E-mail address
- credit card number
- Payment card expiration date
- Payment card security code (CVV)
The above information is all that is required for cardless transactions that are used to make online purchases.
PulseTV customers who have made purchases on the site during the specified violation period are recommended to keep a vigilant eye on their bank statements for unauthorized transactions.
The platform also announced that it is migrating to another payment system, will enable two-factor authentication (2FA) on all of its accounts, and use endpoint protection tools for better network visibility and mitigation. threat.
PulseTV claims that their investigations did not reveal any flaws in their systems. They were, however, the common point of several unauthorized transactions.
It doesn’t tell if a well hidden skimmer was planted on the website or if the cards were stolen from other merchants and only used on PulseTV for shopping.
Sometimes stolen payment cards are used to purchase goods which are delivered to parcel mules and then sold for cash.
We have contacted the platform for more details on the type of unauthorized transactions that have taken place on their e-shop, but we have not yet received a response.