Macy’s breach is a game changing Magecart attack

By GIXnews

The payment card breach that hit Macy’s online store in October was the result of a highly targeted and custom-built Magecart attack that could set the trend for web skimmers going forward, researchers believe.

[ How well do you know these 9 types of malware and how to recognize them. | Sign up for CSO newsletters! ]

On November 14, US department store chain Macy’s alerted customers of a security breach discovered in October on its website that led to the compromise of payment card details and customer information, including full names, addresses, telephone numbers and email addresses. At the time, the company described the breach as consisting of highly specific unauthorized code injected into the checkout and wallet pages on Macys.com with the goal of capturing information submitted by customers — in other words what the security industry calls a web skimming attack.

To read this article in full, please click here

Source:: IT news – Security