- ABS-CBN shuts down its online store
- The TV station said personal and credit details of their customers may have been exposed
- They will work closely with the National Privacy Commission regarding the data breach
The Kapamilya Network took down its online store (store.abs-cbn.com) and the UAAP store (uaapstore.com) websites after reports that there has been data breach on the e-commerce websites.
In a press statement, the TV station said the “personal and credit details” of their customers may have been exposed.
As per their current estimate, as the investigation is still ongoing, 213 customer information has been exposed.
The data breach report came from an Amsterdam, Netherlands-based security consultant and researcher who posted on September 18 via his blog that criminals have been running the payment skimmer on the store, as published on Inquirer.
Willem de Groot posted that the data were sent to a server in Russia which would be presumably sold in the black market.
The methodology used, de Groot said, is similar to the recent Ticketmaster and British Airways breaches which can beat encrypted connections. The malware intercepts the data during the checkout process and doesn’t state that the malware can scrape data from older transactions prior to being injected.
ABS-CBN advises their customers not to give out additional personal and financial information to anyone claiming to be their representative, and questions and concerns shall be sent through ABS-CBNStore@abs-cbn.com.
It said the data breach is isolated only to the two websites and does not affect their other properties.
They have, as posted, informed the National Privacy Commission and they will work closely together.