Hackers Were Stealing Credit Card Data From Madison Square Garden for Almost a Year

Image: Flickr / Miguel Mendez

The Madison Square Garden Company just disclosed that someone had access to its payment processing system for almost a year. That means all data included on the magnetic stripe of your credit card—like credit card numbers, cardholder names, expiration dates, and internal verification codes—could have been stolen.

The breach not only affects Madison Square Garden but also the company’s other venues, including the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater, and Chicago Theater. If you used a credit card at any of these venues to buy merchandise, booze, or overpriced food between November 9, 2015 and October 24, 2016, you may want to check your bank statement for anything out of the ordinary.

The Madison Square Garden Company says it has put a stop to the incident. According to the company’s statement, it appears that the card data wasn’t stolen by a physical skimmer placed over the card slot. The company says that it found “external unauthorized access to MSG’s payment processing system and the installation of a program that looked for payment card data as that data was being routed through the system for authorization.” This is essentially a virtual skimmer, that steals your credit card data as it is entered into the Garden’s database.


The thing that sucks about virtual skimmers is that there is essentially nothing you can do to protect yourself. If you suspect a point of sale system to have a physical skimmer attached to it, you could always try giving it a tug to see if anything that’s not supposed to be there pops off. But in the case of virtual skimmers, there isn’t much you can do besides carefully monitoring your bank balance for anything suspicious.


Virtual skimmers are simply just a harsh reality of our digital world. But don’t let them stop you from catching a Knicks game or Taylor Swift concert.

[Madison Square Garden]


Share This Story

About the author

William Turton

Staff Writer, Gizmodo | Send me tips: william.turton@gizmodo.com

PGP Fingerprint: 88DF AB75 FAFC 1D10 4C45 A875 CA45 ABE6 B08D 8E52PGP Key
OTR Fingerprint: 47F02E79 399AB8FA CC2A4DEF 4573B25F 18AB41D2