Pacers Sports & Entertainment has been hit with an email phishing attack that may have exposed personal information on customers, the firm announced on Monday.
Pacers noticed suspicious email activity last November, and took measures to secure the affected email accounts with the help of third-party forensic experts, it says.
The firm has determined that a bad actor or actors accessed a limited number of accounts without authorization between October 15, 2018 and December 4, 2018.
The exposed information may have included name, address, date of birth, passport number, medical and/or health insurance information, driver's license/state identification number, account number, credit/debit card number, digital signature, and/or username and password.
Social Security numbers may also have been revealed on a limited number of accounts, Pacers adds.
The company says there is no evidence that any of this information has been misused.
Pacers says it is notifying affected individuals and offering them access to free credit monitoring and identity protection services.
It is not clear why the company has waited until now to publicly reveal the breach. It says it began working on determining contact information on individuals so it could notify them as soon as the incident was discovered.