Popular guitar tuition website TrueFire suffered a data breach last year that went undetected for six months and compromised the credit card details and personal information of its users.
TrueFire, which boasts over 1 million users worldwide, recently informed its users that an unauthorised person accessed the company’s database, particularly unencrypted information, for over a period of five months in 2019.
Guitar.com contacted one of the affected users who received a letter titled ‘Notice Of Data Breach’ from TrueFire LLC. The letter sent to the user stated that on 10 January 2020, TrueFire identified a breach in their database that involved an unauthorised user gaining access to information that customers entered through the website.
While the company claims not to store any credit card information in its database, the hacker was able to access the personal and financial information of users who paid by credit card on the company's website between August 3, 2019 and January 14, 2020.
“We cannot state with certainty that your data was specifically accessed; however you should know that the information that was potentially subject to unauthorised access includes your name, address, payment card account number, card expiration date, and security code,” TrueFire said in the letter addressed to affected users.
Cyber attack targeting TrueFire was probably a Magecart attack
Following this incident, TrueFire advised affected users to keep tabs on their payment card statements for any unauthorised or suspicious activity and to take standard preventive measures against identity theft. The company also said that it is working with a computer forensic specialist to identify the extent of the breach.
“The confidentiality, privacy, and security of information in TrueFire’s possession is one of its highest priorities. TrueFire has stringent security measures in place to protect this information, and we are providing notice to the segment of customers who were potentially affected by this incident,” the company told Guitar.com.
Martin Jartelius, the chief security officer at Outpost24, told TEISS that "the symptoms described sound just like a normal Magecart attack, or at least based on the same setup."
"If the company have been leaking credit card details they do themselves need to implement a payment flow, and the sites should have been tested for PCI compliance, so it will be interesting to see where this goes if the issue has been present for a substantial amount of time," he added.