Home » News » RBS and NatWest issue new cards following hack

RBS and NatWest issue new cards following hack

Tuesday, 22 January, 2019

Six months after the hack at Ticketmaster, an online ticket company, the Royal Bank of Scotland and its subsidiary NatWest have issued replacement cards to those customers affected. The breach is known to have involved the personal details of more than 40,000 people in the UK.

Writing on their social media outlets, the banks said they were replacing the cards to ensure there would be ‘significant levels of security.’

Alongside the announcement, RBS customers who had used their cards at Ticketmaster received a letter. RBS emphasised this is a precautionary measure even if there is currently no indication that an individual’s data had been illegally accessed.

We’ll soon be sending you a new debit card. We’re doing this following a data breach at Ticketmaster last year, as we know you used your debit card listed above with them.

It’s just a precaution we take for you and all customers in similar circumstances to make sure your account is safe and secure.

Our priority is to make sure our customers’ data is secure. Following the breach disclosed by Ticketmaster, we are proactively reissuing cards to all impacted cardholders.

- Company letter: RBS

Last June Ticketmaster confessed that they had been hacked after cybercriminals had installed malicious software in the company’s customer support product which was hosted by a third-party supplier, Inbenta Technologies.

According to cybersecurity firm RiskIQ, the hack was carried out by a group known as Magecart. This group was also responsible for the attacks on British Airways earlier in the year, as well as the mega hits against US retailers Home Depot and Target in 2017. It is believed the group has been operating since at least 2015.

Initially Ticketmaster blamed the breach on Inbenta, who responded saying the fault lay with Ticketmaster’s use of custom code on their payment pages.

Ticketmaster directly applied the script to its payment page, without notifying our team. Had we known that script would have been used in that way, we would have advised against it, as it poses a security threat.

- Jordi Torras: CEO, Inbenta Technologies

Ticketmaster finally admitted that all credit and debit cards used between February and June last year for UK customers and between September 2017 and June 2018 for international customers were at risk.

Once the dust had settled it was estimated some 40,000 Brits had been directly affected and found their names, addresses, email addresses and payment details had been exposed.

While welcome by customers, the reissue of cards comes nine months after online bank Monzo took similar action after the breach. When Ticketmaster finally went public with the breach, Monzo said they had detected problems as early as April last year and subsequently blocked a number of cards using Ticketmaster. The bank said it had informed Ticketmaster immediately and then proactively replaced the cards of all their customers.

Image: Binar Schwarz Cyber

Tim Bamford author picture

By:

Tim is a veteran freelance journalist writing extensively on internet news and cybersecurity.

News What's the story?

Keep up with the latest developments in UK broadband.

The new homes with 1GB broadband connections

The new homes with 1GB broadband connectionsThe new homes with 1GB broadband connections Read more

What are ISPs and internet services doing to help during the Coronavirus crisis?

Total lockdown expected - can ISP’s and internet services offer any help?

Read more

BT confirm Gigabit broadband!

BT confirm the launch of their Gigabit home broadband package for Spring 2020!

Read more

Tips for home working during Coronavirus outbreaks

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Why Connected Home over IP will change our lives

Why Connected Home over IP will change our livesWhy Connected Home over IP will change our lives Read more

Amazon Alexa or Google Assistant?

Read more

Protecting your content from plagiarism and reuse

Read more