Cybercriminals were able to steal the credit card information of more than 100,000 people this year after taking over parts of a website operated by the Oregon Zoo.
The Portland-based zoo filed documents with regulators on Friday describing a months-long campaign against the payment platform the organization uses on its website.
In late June, zoo officials noticed suspicious activity on the online ticket service and shut down the website to begin an investigation.
On July 22, the zoo learned that “an unauthorized actor redirected customers’ transactions from the third-party vendor that processed online ticket purchases, potentially obtaining payment card information from December 20, 2023, through June 26, 2024.”
“As a precaution, the Oregon Zoo reviewed all transactions from this time period to identify anyone whose payment card information may have been affected,” the zoo said. “Personal information that may have been accessed without authorization includes name, payment card number, CVV and expiration date.”
The Oregon Zoo told Maine regulators that a total of 117,815 people were affected.
Federal law enforcement has been notified of the incident and the Oregon Zoo is providing credit monitoring services to all victims for one year.
The zoo also reported breaches to regulators in Oregon and Texas. The Oregon Zoo is the latest major zoological organization to be attacked by cybercriminals, after the Toronto Zoo and Tampa Bay Zoo also struggled with incidents in the past 12 months.
Payment skimming malware infections have been a proven way for cybercriminals to make money for years. Skimming attacks involve hackers embedding tools or malware into e-commerce websites that allow them to steal credit card information from online stores during the checkout process. This tactic has long been a problem for popular online retailers.
In December, Europol, together with law enforcement authorities from 17 countries, warned 443 online retailers that their customers’ payment card data had been compromised by e-skimmers.
In July 2024 alone, Recorded Future found that 3,799 e-commerce domains were infected with an e-skimmer
Threat actors offered 18.6 million card records for sale in darknet carding shops in July, with researchers collecting “8.8 million freely released full card records in July 2024.”
According to an annual report on payments fraud by Recorded Future, the industry is showing signs of recovery following Russian law enforcement’s crackdown on domestic cybercriminals and the Russian invasion of Ukraine. The Record is an editorially independent division of Recorded Future.
Researchers found 119 million cards listed for sale in darknet carding shops. Card issuers are estimated to incur $9.4 billion in avoidable losses from the fraud, and merchants and acquirers face $35 billion in potential chargeback fees in 2023.
In 2022, researchers say e-skimmers resulted in 45.6 million compromised payment card details being offered for sale on darknet platforms.
Recorded future
Intelligence Cloud.
Learn more.
