Experts Comments On Macy's Customer Payment Info Stolen In Magecart Breach

Experts Comments (7)
Macy's has disclosed a data breach  - their web site was hacked with malicious scripts that steal customer's payment information. In Magecart attacks,  hackers compromise web sites to inject malicious JavaScript scripts into various sections of the web site. These scripts then steal payment information that is submitted by a customer. The 'Notice of Data Breach' issued by Macy's said their web site was hacked on October 7th, 2019 and a malicious script was added to the 'Checkout' and 'My Wallet' pages. If any payment information was submitted on these pages while they were compromised, the credit card details and customer information was sent to a remote site under the attacker's control.