Miniatur Wunderland Targeted by Cyberattack
Miniatur Wunderland’s online booking system in Hamburg fell victim to a cyberattack that compromised customer payment information. The investigation into the breach is ongoing.
Details of the Incident
According to the exhibition’s spokesperson, cybercriminals managed to infiltrate the ticket booking system and manipulate data transfers between Miniatur Wunderland’s server and its payment provider. This interference allowed malicious code to intercept credit card details during transactions.
“Unknown individuals have inserted malicious code into a module of our online ticket booking system. No credit card data stored with us was stolen—we do not store any payment data locally,” Miniatur Wunderland stated.
“According to the current status, the data traffic between our server and the payment service provider was manipulated, allowing the malicious code to read data during the payment process.”
Response and Ongoing Investigation
As a precaution, Miniatur Wunderland notified all visitors who purchased tickets during the affected timeframe and reported the incident to the relevant data protection authority. Police and external forensic experts are analyzing how the breach occurred and assessing its full scope.
“All systems were immediately cleaned after confirmation of the initial suspicion and replaced with completely new systems within 72 hours.”
Aftermath
Following prompt detection, the company expelled the attackers and reinforced its IT systems to prevent further compromise. The exhibition continues to work closely with authorities to strengthen its cybersecurity infrastructure.
Author’s Summary
A cyberattack on Miniatur Wunderland exposed payment data by intercepting traffic between servers and a payment provider; the company swiftly cleaned systems and notified those affected.