Thousands of Credit Cards Compromised in Green Bay Packers Store Breach

Cybercriminals injected malicious code into the Packers Pro Shop's online checkout page, stealing sensitive payment and personal data. The breach occurred between September 23-24 and October 3-23, 2024. Customers using certain payment methods are affected, and the Packers are offering identity theft protection services to those impacted.

  • Over 8,500 customers affected by the Green Bay Packers Pro Shop website breach.
  • Credit card data, names, addresses, and CVVs were stolen via malicious code in the checkout page.
  • Payments through gift cards, PayPal, or Amazon Pay were not impacted.
  • The breach occurred between late September and October 2024.
  • Sansec identified that attackers used YouTube’s oEmbed and JSONP callback to bypass security.
  • The Packers disabled checkout features and removed malicious code upon discovery.
  • Three years of identity theft protection through Experian is being offered to victims.

This breach highlights the growing risks in online retail, even for high-profile organizations. Customers are urged to monitor their financial accounts and report any suspicious activity immediately. The Packers are taking corrective steps, but users should remain vigilant to protect their personal data.