Security News > 2020 > March > TrueFire Guitar Tutoring Website Suffers Magecart-style Credit Card Breach
Online guitar tutoring website TrueFire has apparently suffered a 'Magecart' style data breach incident that may have potentially led to the exposure of its customers' personal information and payment card information.
TrueFire is one of the popular guitar tutoring websites with over 1 million users, where wanna-be-guitarists pay online to access a massive library of over 900 courses and 40,000 video lessons.
"While we do not store credit card information on our website, it appears that the unauthorized person gained access to the site and could have accessed the data of consumers who made payment card purchases while that data was being entered," the breach notification says.
"We cannot state with certainty that your data was specifically accessed; however, you should know that the information that was potentially subject to unauthorized access includes your name, address, payment card account number, card expiration date, and security code," the breach notification says.
While the company didn't explain how the attackers managed to compromise its website or if they had injected a digital credit card skimmer on it, the scenario looks very similar to a Magecart style attack.