Data breaches can come in all different forms. Some occur from ransomware attacks and formjacking, while others are related to security lapses at third-party vendors or cyberattacks using stolen credentials. Hackers are always thinking of new ways to target and attack businesses and consumers. Magecart data breaches have grown as the years have gone by. One of the most notable Magecart attacks was on Macy’s in October 2019 when web skimmer malware was discovered on Macy’s website collecting customers’ payment card information.

Magecart is a particular type of malware used by hacking groups that targets the payment information entered into forms on various websites while allowing the transaction to complete without the consumer being any wiser. Magecart hacks third-party components that are common on e-commerce sites. According to Forbes, by October 2019, over 18,000 websites had been infected with Magecart card skimming malware. In the article, RiskIQ said they had spotted Magecart skimmers in action more than two million times. Other notable Magecart data breaches include attacks on the Baseball Hall of Fame, international hotel chains, Ticketmaster and British Airways.

While Magecart attacks will continue, businesses should do their part to protect their customers’ data, and consumers must also exercise caution. According to SC Media, cybersecurity teams at businesses should consider a variety of defenses that limit the risk of threat actors taking advantage of software flaws to infiltrate websites.

Consumers also have a role to play in helping thwart payment information theft, starting with being cautious about where to use payment cards online. Consumers should also consider using newer payment technologies that have more built-in security features than traditional credit and debit cards. Digital wallets like Apple Pay and Google Pay, along with “virtual” payment cards that rely on random, single-use card numbers make card information useless to identity thieves.  

While cyberattacks constantly evolve, it is important for businesses and consumers to also change to ensure their information is safe. If anyone has questions or believes they might be the victim of a Magecart data breach, they can live-chat with an Identity Theft Resource Center expert advisor. They can also call toll-free at 888.400.5530. Data breach victims will get guidance on the next steps they need to take. Finally, victims can also download the free ID Theft Help App, which includes a case log to track the steps taken, additional resources to refer to, instant access to an advisor and much more.


You might also like…

Stalker Data Breach Leads to Sale of Users’ Credentials

Non-Traditional Data Compromises Make Up the Latest Week of Breaches

Mystery Shopper Scams Surface During COVID-19