Madison Square Garden, the multi-purpose indoor arena that’s played host to countless major entertainment and sporting events over the years (the most recent of which being UFC 205), recently uncovered evidence that its payment processing system has been compromised for the better part of the past year.

In a statement on the matter, the Madison Square Garden Company (MSG) said that after it was notified that payment card issuing banks had identified a transaction pattern, they launched an investigation to hunt down the vulnerability.

In addition to the breach, investigators found an installed program designed to look for payment card data as it is being routed through the system for authorization.

Anyone that used a payment card in person to purchase food and beverage items as well as merchandise at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater or Chicago Theater between November 9, 2015 and October 24, 2016 may have had their credit card number, cardholder name, expiration date and internal verification codes exposed. The company didn't say how many cards may have been affected.

MSG notes that not all cards used during this time frame were affected. What’s more, the breach did not impact those who used cards on MSG websites, at the venues’ Box Offices or on Ticketmaster.

The company said it is working with law enforcement and has since stopped the incident with help from computer security firms.

Lead image courtesy Anthony Causi