Update 23/07/2014 16:15:
The company detected the unauthorised transactions last year, contacted authorities and gave the affected customers refunds and help changing their passwords. It’s unclear whether the digital prowlers then exploited their access to scoop up more information from the compromised accounts. The company and the law enforcement official wouldn’t give further details.
This time the target was eBay’s online ticket resale service, Stubhub. It’s been revealed that thieves logged into the accounts of over 1,000 customers and made purchases without their permission.
The surprising part of the story is that there was no actual attack or hack on the site: thieves used IDs obtained from other attacks. (eBay’s perhaps.)
It’s very common for users to share log-in details between different sites where they have accounts.
A spokesman for Stubhub said there was a ‘pretty intense network of cyber-fraudsters working in concert with each other’.
As yet, there is no more information on the breach but the Manhattan District Attorney’s office is expected to release more details later today.