200,000 credit card details of PulseTV customers potentially compromised in data breach

US-based online store PulseTV has disclosed a data breach that compromised the credit card details of over 200,000 customers.

According to a notification letter shared with the Office of the Maine Attorney General, the e-commerce website was alerted to a potential compromise of customers’ credit card details from VISA.

"On March 8, VISA informed us that our website (www.pulsetv.com) was a common point of purchase for some unauthorized credit card transactions and that the website may have a possible compromise,” PulseTV said. “Shortly after that, we conducted malware scans, checked our security settings, and cooperated with VISA’s requests for information.”

During an initial investigation, the company said it found no unauthorized access to its website, and no customers complained of illegal usage of their credit cards.

However, a few months later PulseTV was warned again of compromise regarding credit card payments originating from pulsetv.com.

“On November 18, 2021, our investigator learned that the website had been identified as a common point of purchase for a number of unauthorized credit card transactions for MasterCard,” the data breach notification reads. “Based upon communications with the card brands, it is believed that only customers who purchased products on the website with a credit card between November 1, 2019 and August 31, 2021 may have been affected.

:The investigation was unable to verify that the website was the cause of the unauthorized transactions,” it continued. “However, in an abundance of caution, PulseTV is notifying customers, including you, who purchased products on our website during that time period so that they can take steps to protect and secure their credit card information.”

Full customer names, shipping addresses, email addresses, and payment details such as credit card numbers, expiration dates and CVV codes may have been compromised.

The company is investigating to determine if it was the victim of a malicious attack, and recommends its customers “remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports for any unauthorized activity.”

PulseTV also said it will add two-factor authentication requirements for all internal devices, migrate to a different payment system and use threat mitigation tools to help prevent future incidents.

Has your personal data been involved in a data breach incident recently? Find out now with Bitdefender's Digital Identity Protection service.

Our privacy-focused tool helps you control, manage and protect your digital self, alerting you when your data ends up in legal or illegal data collections on the internet. You’ll also receive expert recommendations to fix any privacy issue detected so you can protect your financial wellbeing.