U.S. Pro Soccer's Online Shoppers Get Kicked By Security Breach
Jaikumar Vijayan writes on ComputerWorld:
A series of SQL injection attacks on servers hosted by a third-party service provider has compromised the personal data of an unspecified number of individuals who had shopped on Major League Soccer's MLSgear.com Web site.More here.
The compromised information included names, addresses, credit and debit card data, and MLSgear.com passwords, MLS President Mark Abbott said in a letter sent to affected individuals on Feb. 1. MLSgear.com is the soccer league's official online store.
The incident was first reported by PogoWasRight.org, a blog that tracks data breaches. The blog site also posted a link to a notice that was sent by MLSgear.com to the office of New Hampshire's attorney general, informing the AG of the breach and saying that it affected 169 New Hampshire residents.