Hackers used Magecart card-skimming malware on the NBA team's ecommerce site to steal customer data.
SC Magazine reports:
Cybercriminals using Magecart card-skimming code attacked the online store of the NBA’s Atlanta Hawks, stealing customers names, addresses and payment card numbers.
The Sanguine Labs team at Sanguine Security identified the offending code on the store’s checkout page on Saturday April 20, according to a post on the security company’s website. But research from RiskIQ following this public disclose revealed that the website, HawksShop.com, had been compromised far longer than that.
“The first time we detected skimming code on the website was June 6th of 2017, RiskIQ threat researcher Yonathan Klijnsma, Threat Researcher told SC Media. “The compromise wasn’t targeted however, it was one aimed at hundreds of websites at the same time.”