Cyber Incident Victim: converse.com.au
Date:
Sep 2016
Location:
Australia
Summary
The Converse e-commerce site in Australia experienced a security breach where hackers deployed malware to intercept payment card information from customers making purchases over a two-month period. The incident affected the locally licensed operator Conquest Sports, which promptly remediated the issue upon discovery, though payment details were compromised during transactions. No other global Converse sites were impacted by this attack.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Converse e-commerce site for Australia and New Zealand, converse.com.au, experienced a security breach involving malware that targeted customer payment card information. The compromise occurred between September 2 and October 12, 2016, with attackers intercepting payment details from visitors who made purchases during this period. Conquest Sports, the licensee operating the Converse-branded site in the region, disclosed the incident after being alerted to the intrusion. Security researcher Troy Hunt publicly shared a customer notification letter from the company confirming the malware's focus on harvesting payment data. Conquest Sports detected the breach on October 12, 2016, and implemented remediation measures the same day to eliminate the malicious code. The company's prompt containment limited the exposure window to approximately six weeks of transaction data. No evidence suggested broader compromise of Converse international platforms outside the Australia-New Zealand jurisdiction managed by Conquest Sports.
The incident coincided with Australia's response to its largest recorded data breach at the time, involving the Australian Red Cross Blood Service, though the two events were unrelated. Conquest Sports confirmed the attackers specifically targeted financial information through malware designed to capture payment details during online transactions. While the notification letter did not specify the number of affected customers, it emphasized the theft of payment card data rather than personal identifiers. The breach's confined geographic scope prevented impact on Converse's global operations outside the licensed territory. Potential consequences for victims included fraudulent charges and card misuse, though the company did not report observed instances of such activity. The compromised data's utility for financial fraud contrasted with the contemporaneous Red Cross breach, which exposed highly sensitive health information alongside personal identifiers usable for targeted phishing campaigns. Conquest Sports' disclosure marked one of several high-profile Australian cybersecurity incidents during this period, reflecting heightened regional threat activity targeting consumer-facing platforms.