Customer credit card data exposed in Madison Square Garden breach

Customers who used credit cards at Madison Square Garden Company venues should urgently check their bank statements. The Madison Square Garden Company has confirmed a breach occurred between Nov. 9, 2015 and Oct. 24, 2016, exposing cardholder data.

The investigation found “external unauthorized access to MSG”s payment processing system and the installation of a program that looked for payment card data as that data was being routed through the system for authorization,” the company said in a press release.

When the criminals hacked the payment system, they accessed the data in the magnetic stripe on the back of the card. Credit card numbers, cardholder names, expiration dates and internal verification codes, among others, may have been exposed.

“MSG has stopped this incident, and we continue to work with the computer security firms to further strengthen the security of our systems to help prevent this from happening again,” announced MSG. “We have also been providing information to law enforcement regarding this matter.”

The company urges all customers who, during this timeframe, made credit card payments at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater, and Chicago Theater to stay vigilant for fraud and identity theft attempts and immediately check their account balance for suspicious transactions made in their name. Any incident should be reported to the card issuer as soon as possible. In case of identity theft, the victims should reach out to the Federal Trade Commission or the Attorney General”s office.

The credit cards used for payments on the websites, on Ticketmaster or at the Box Offices were not affected, according to MSG.