TrueFire

TrueFire is one of the excellent guitar tutoring websites, including 1 million users, where you will get a vast library of over 900 courses and 40,000 video lessons. Well, on January 10, 2020, TrueFire has allegedly undergone a ‘Magecart’ style data breach conflict that may have possibly led to the appearance of its customers’ personal information and credit card information.

Hence, TrueFire has already notified its users that an “unauthorized person” had access to the company’s computer system, and particularly to unencrypted data that was inserted into its website for a while over five months.

Hence, Guitar.com has already communicated by one of the interested users, who shared the full text of the letter, which is given from TrueFire LLC, titled as ‘Notice Of Data Breach,’ describing and apologizing for what happened.

What happened?

Apart from all these things, TrueFire hasn’t yet openly published or accepted the breach; the well-known media portal, The Hacker News, heard about the conflict after a few affected customers posted online details of a notification they got from the company last week.

Moreover, they also received a copy of the same ‘Notice Of Data Breach‘ uploaded lately to the website of Montana Department of Justice, particularly in a section where the government yields information on data breaches that also hit Montana residents.

As the company got this security conflict on January 10, it demanded to have now covered the web vulnerability that enabled attackers to negotiate its website in the first place. Hence, any Guitarists who made any online payment at the TrueFire site within last August and this January are recommended to block their credit cards and demand a new one from their respective financial institutions (bank).

What information was involved?

Well, we cannot state what data specifically was involved. Still, the primary information known that was potentially subject to unauthorized access comprises name, address, payment card account number, card expiration date, and security code.

Moreover, other customers are also recommended to be careful and keep a close eye on their bank and payment card accounts for any strange activity. As anticipation, all users are also encouraged to change passwords for their TrueFire account and for any other online account where they apply the same passwords.

TrueFire proceeded to confirm that affected users review payment card statements for unusual activity, as well as following standard preventative steps against identity fraud. It also granted support that it was monitoring for more unauthorized activity on the site, and was operating with “computer forensic specialists to discover the full nature and scope of the intrusion,” as well as detailing the breach to law enforcement authorities.

Apart from these things, the Guitar.com, along with TrueFire, has stated that “The confidentiality, secrecy, and protection of information in TrueFire’s possession is one of its most important preferences. Thus, TrueFire has rigorous security steps in place to guard this information, and we are implementing notice to the section of customers who were probably affected by this incident.”

So, what do you think about this? Simply share all your views and thoughts in the comment section below. And if you liked this post, then simply do not forget to share this post with your friends, family, and on your social profiles as well.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.