- The English football club told customers that their credit card details were compromised in the breach.
- Leicester City F.C mentions that the security incident on its official online occurred on May 6.
Bad news for Leicester City FC (LCFC) fans, as anyone who shopped from their online store, are most likely to be affected by a data breach that compromised their credit card details. The English football club has emailed some of its customers affected in the breach recently. The email mentions that the breach happened on May 6, and indicates that specific credit card information was compromised of users who made transactions on the online store.
What information was affected?
- Credit card details such as card number, name of the cardholder, expiry date, and CVV, were compromised.
- However, the email says that the information related to SecureCode were not affected.
- LCFC mentions that technical investigations are still underway, and has requested affected customers to contact their credit card providers to prevent misuse of the cards.
Possible Magecart involvement
The Register tells that one of its readers named Yazza, believed it to be the work of Magecart group. “Yazza suspected that LCFC's site is running the Magento ecommerce platform and suggested to The Register that one potential attack vector could have been the Magecart malware,” it told. However, it said that there was no evidence to prove this speculation.
The Register also reported that LCFC did not respond and provide any explanation to its questions regarding the incident.