Hanna Anderson, a company that offers children’s clothes online, has been the target of a Magecart attack wherein their customers’ credit card information was stolen as they were making purchases. The attack was discovered after the credit cards were found for sale on the dark web.
Mike Bittner, Associate Director of Digital Security and Operations, The Media Trust
January 22, 2020
We need to call these attacks what they are: digital supply chain attacks. Some attacks use the same or similar code as Magecart, but a far greater number use a wide array of advanced techniques to redirect online shoppers and readers. Until companies take the insecurity of their digital supply chains seriously and monitor the code that runs on their sites, these attacks will continue. There's n ....We need to call these attacks what they are: digital supply chain attacks. Some attacks use the same or similar code as Magecart, but a far greater number use a wide array of advanced techniques to redirect online shoppers and readers. Until companies take the insecurity of their digital supply chains seriously and monitor the code that runs on their sites, these attacks will continue. There's no other way to prevent these attacks than to allow only trusted digital vendors to run code on your site, as well as closely watch and regulate all the code that these vendors and their own digital third parties run to make sure they all follow your policies. By doing so, they will address not only security risk, but also quality and performance risks that can degrade their site’s user experience.
Robert Capps, VP , NuData Security
January 22, 2020
Many websites, especially retailers, are suffering from Magecart-like attacks as hackers evolve the malware in an effort to steal credit card information on the web. With these continuous attacks, customers should check their credit card statements regularly or apply for a new one right away if theirs’ has been compromised. Once stolen, these card numbers are sold on the dark web for future frau ....Many websites, especially retailers, are suffering from Magecart-like attacks as hackers evolve the malware in an effort to steal credit card information on the web. With these continuous attacks, customers should check their credit card statements regularly or apply for a new one right away if theirs’ has been compromised. Once stolen, these card numbers are sold on the dark web for future fraudulent purchases. Companies can mitigate fraudulent transactions by identifying customers through their online behavior instead of relying on credentials or credit card numbers. This method allows companies to block transactions from credit cards that have been stolen.
