August 19, 2024 at 07:36AM
The Oregon Zoo has notified 118,000 people of a data breach, exposing names and payment card details stolen from its online ticketing system. Transactions from Dec 20, 2023, to Jun 26, 2024, were affected. The zoo disclosed that a third-party vendor was targeted and has taken steps to secure a new website. The affected individuals will receive free credit monitoring and identity protection for a year.
Based on the meeting notes, here are the key takeaways:
1. The Oregon Zoo experienced a data breach where approximately 117,815 individuals may have had their names and payment card information stolen from the online ticketing service.
2. The breach occurred between December 20, 2023, and June 26, 2024, with threat actors exfiltrating names, payment card numbers, CVVs, and expiration dates.
3. The zoo took prompt action by reviewing all transactions from the affected period, notifying federal law enforcement, and decommissioning the affected website.
4. Written notification letters were sent to potentially affected individuals on August 16, and the zoo is offering one year of free credit monitoring and identity protection services to those affected.
5. The incident was likely the result of a web skimmer infection on Oregon Zoo’s online ticketing service, a type of malware injected into legitimate websites to steal personal and payment card information.
Please let me know if you need any further information or if there are additional tasks related to these meeting notes.