Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.
In case you missed our coverage this week in ThreatWatch, Nextgov’s
Hackers may have stolen credit card information and customer data from a popular video game retailer, according to KrebsOnSecurity.
GameStop Corp. told KrebsOnSecurity April 7 it’s investigating a possible breach after a third party notified the company payment card information used on GameStop.com was offered for sale online.
Hackers likely compromised the website between mid-September 2016 and early February 2017, according to two sources who spoke with KrebsOnSecurity.
It’s unclear how many customers may have been affected by the hack.
A virus has shut down one of United Talent Agency's offices, forcing employees to work from mobile devices until the malware is contained, according to Billboard.
The malware was discovered Tuesday on the agency's LA office computers. In a statement to Billboard, agency officials said they believed no private information about the agency or its staffers had been compromised.
"UTA is engaged with top experts who have experience in these specific matters," the talent agency said in that statement. In the interim, every member of our team continues to have access to their email and phones, and the situation is being resolved."
The probe into the cyberattack is expected to be completed in the next few days, Billboard reported.
Customers in Britain and Poland may have been affected by a major data breach of British payday lender Wonga, according to Reuters.
Up to 270,000 former and current customers' personal information, including addresses and bank account numbers, could have been compromised by the hack, which was detected April 4, Reuters reported, citing a source close to the lender.
"We are urgently working to establish further details and contacting those who we know have been impacted," Wonga said in a statement on its website. "The information may have included one or more of the following: name, e-mail address, home address, phone number, the last four digits of your card number (but not the whole number) and/or your bank account number and sort code."
The lender said it began notifying customers April 8, after it realized personal data may have been compromised.