Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Oregon Zoo Ticketing Service Hack Impacts 118,000

A web skimmer was likely used to steal names and payment card data from the Oregon Zoo’s online ticketing service.

The Oregon Zoo is notifying roughly 118,000 individuals that their names and payment card information was stolen from its online ticketing service.

The incident was identified on June 26 and resulted in names, payment card numbers, CVVs, and expiration dates being exfiltrated. Transactions processed between December 20, 2023, and June 26, 2024, were likely affected.

“As a precaution, Oregon Zoo reviewed all transactions from this period to identify anyone whose payment card information may have been affected,” the zoo said in a regulatory filing with the Maine Attorney General’s Office.

According to the zoo, threat actors redirected transactions from the third-party vendor that processed online ticketing purchases for Oregon Zoo. The affected website was immediately decommissioned and a new, secure site for online ticket purchases was built.

The zoo notified the Maine AGO that 117,815 individuals might have been affected and also revealed that written notification letters were sent to them on August 16.

“Oregon Zoo notified federal law enforcement regarding the event. Oregon Zoo is also reviewing its policies and procedures to reduce the likelihood of similar events in the future,” the zoo said.

The zoo is offering one year of free credit monitoring and identity protection services to the potentially affected individuals.

One of the oldest zoos in the US, Oregon Zoo was founded in 1888. It’s owned by the regional Metro government and spreads over 64 acres.

Advertisement. Scroll to continue reading.

While the zoo did not share specific details on the type of cyberattack that led to the data breach, the incident was likely the result of a web skimmer infection on Oregon Zoo’s online ticketing service.

Also referred to as digital skimmers, JavaScript-sniffers, or JS-sniffers, web skimmers are malware families that threat actors inject into legitimate websites, typically on the checkout page, to steal the visitors’ personal and payment card information.

Skimmer infections typically go unnoticed for long periods of time, as was the case with Oregon Zoo, and the stolen information is used to perform various types of fraud. To date, cybersecurity researchers have identified over 130 digital skimmer families.

Related: Police Warn Hundreds of Online Merchants of Skimmer Infections

Related: Magecart Web Skimmer Hides in 404 Error Pages

Related: Website of Canadian Liquor Distributor LCBO Infected With Web Skimmer

Related: Marriott Confirms Small-Scale Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

More People On The Move

Expert Insights