DataBreaches.Net


More than two years after compromise, Combat Brands was still battling malware?

Posted on November 30, 2017 by Dissent

First, there was this:

On January 25, 2017, Combat Brands began investigating some unusual activity reported by its credit card processor. Combat Brands immediately began to work with third-party forensic experts to investigate these reports and to identify any signs of compromise on its systems. On February 23, 2017, Combat Brands discovered that it was the victim of a sophisticated cyber-attack that resulted in the potential compromise of some customers’ debit and credit card data used at www.fightgear.com, www.fitness1st.com, www.ringside.com, and www.combatsports.com between July 1, 2015 to February 23, 2017.

Since that time, Combat Brands has been working with third-party forensic investigators to determine what happened, what information was affected and to implement additional procedures to further protect the security of customer debit and credit cards. Combat Brands removed the malware at issue to prevent any further unauthorized access to customer debit or credit card information. Combat Brands is also working with the Federal Bureau of Investigations to investigate this incident. Customers can safely use their payment card at www.fightgear.com, www.fitness1st.com, www.ringside.com, and www.combatsports.com.

Source: Notification of April, 2017.

But then there was this…

We recently learned that we were the victims of a sophisticated cyber-attack that may affect the security of your payment information. We are providing you with information about the incident, steps we are taking in response, and steps you can take to protect against fraud should you feel it is appropriate.

What Happened? On October 6, 2017, while in the process of running routine scans, we identified some unusual code that was running on our website. On that same day, we discovered that we were the victim of a sophisticated cyber-attack that resulted in the potential compromise of some customers’ debit and credit card data used at www.fightgear.com, www.fitness1st.com, www.ringside.com, and www.combatsports.com between July 1, 2015 and October 6, 2017.

Since that time, we have been working with third-party forensic investigators to determine what happened, what information was affected and to implement additional procedures to further protect the security of customer debit and credit cards. We removed the malware at issue to prevent any further unauthorized access to customer debit or credit card information. You can safely use your payment card at our websites.

Source: Notification of November, 2017.

So since they were first alerted by their credit card processor on January 25, 2017, they were unable to really totally remove the malware, despite reassuring consumers in April that all was good and it was safe to use their payment cards? Well, they’re not the first who have had that unfortunate experience, but…

There’s actually more… and you probably never saw and will not see a notification letter concerning what appeared to be yet another security incident unrelated to the one described above.

From my files:

Subject: Olark Chat Transcript – Abbie – Dissent
From:  [email protected]
Date: Sat, April 22, 2017 09:51
To:  [email protected]

Site: http://www.combatsports.com/security-privacy-policy
2017-04-22 09:45 AM CDT
Transcript ID: keOgqZoMKN3KCE0B1X9pD0ToU14D31AV

You
I’m a journalist/breach reporter and investigator who often gets tips about breaches from researchers. This is not about the breach that Combat Brands already disclosed/reported. This is a SECOND problem: A researcher who routinely scans for exposed databases on shodan.io search engine contacted me to tell me that some Combat Brands and FightGear backups are exposed and freely available to the entire world at the following IP address: 159.203.104.47

Abbie
Good morning

You
Good morning.

Abbie
I will certainly pass this on to the proper department
Thank you for the information

You
Excellent. Tell them the problem is that Port 443 is open by default and it got indexed by Shodan.io
I see two Fightgear backups from 2016 in there and CombatBrands files.

Abbie
I certainly will

You
Can you please have them email me: [email protected] to confirm when they have secured this?

Abbie
I will pass this information to them
they will not be in until Monday

You
so the data will still be leaking or anyone can be copying it. Not great… 🙁
If you have an escalation procedure, this would be suitable use.

Abbie
Thank you
I just sent email

You
ok, good luck…

They never contacted me after that chat. Did they determine whether any others accessed the unsecured backup files? Was there any payment card info or personally identifiable information in those backups? Were any consumers notified?

And should customers feel safe providing their information to this firm? Would you?


1 thought on “More than two years after compromise, Combat Brands was still battling malware?”

  1. Boxer says:
    December 4, 2017 at 8:39 pm

    They just sent notification letters. I wasn’t aware of the previous security breaches.

    I will never shop through their site again until they change their processing and hosting, since they clearly cannot be trusted. Maybe this explains their desperate attempts this year to lure people in with 40%-50% off coupons on all Combat Brands merchandise. Seemed too good to be true.

    I think that every website should go through an existing payment processor that uses 2-factor, like Google Wallet or Paypal.

    The question is: What were they doing between April 22 (when you alerted them) and October 6?
