Late Wednesday, February 12th 2025 hackers used the Equine.com Stripe API keys to try and charge stolen credit cards.
While Stripe’s fraud detection system caught many of the attempted charges, some were successful. The charges, most of which were micro-transactions of $1, .50, would have appeared as coming from “Equine Network” on bank and credit card statements.
Once we discovered the issue we engaged with Stripe’s information security team to block the exploit and let Stripe begin forensic analysis. All money charged has since been refunded. At no point was Equine Network or Equine.com personal or payment information leaked or system breached. Card holder information associated with the successful charges was not shared with us which made reaching out to victims of this fraud impossible. This is why we’ve created this webpage to explain what happened.
We understand this is a disconcerting event and we are disappointed that Stripe’s fraud detection system did not block these atypical transactions (unusual volume, unusual amounts and unusual origin IP’s). We continue to work with Stripe’s InfoSec team to identify the root cause and prevent any further exploits.
Sincerely,
Equine Network
