Call Now 888.400.5530

ITRC-logo-color-final
Search
Close this search box.

Magecart Data Breaches Grow in Popularity

Date: 07/07/2020

Data breaches can come in all different forms. Some occur from ransomware attacks and formjacking, while others are related to security lapses at third-party vendors or cyberattacks using stolen credentials. Hackers are always thinking of new ways to target and attack businesses and consumers. Magecart data breaches have grown as the years have gone by. One of the most notable Magecart attacks was on Macy’s in October 2019 when web skimmer malware was discovered on Macy’s website collecting customers’ payment card information.

Magecart is a particular type of malware used by hacking groups that targets the payment information entered into forms on various websites while allowing the transaction to complete without the consumer being any wiser. Magecart hacks third-party components that are common on e-commerce sites. According to Forbes, by October 2019, over 18,000 websites had been infected with Magecart card skimming malware. In the article, RiskIQ said they had spotted Magecart skimmers in action more than two million times. Other notable Magecart data breaches include attacks on the Baseball Hall of Fame, international hotel chains, Ticketmaster and British Airways.

While Magecart attacks will continue, businesses should do their part to protect their customers’ data, and consumers must also exercise caution. According to SC Media, cybersecurity teams at businesses should consider a variety of defenses that limit the risk of threat actors taking advantage of software flaws to infiltrate websites.

Consumers also have a role to play in helping thwart payment information theft, starting with being cautious about where to use payment cards online. Consumers should also consider using newer payment technologies that have more built-in security features than traditional credit and debit cards. Digital wallets like Apple Pay and Google Pay, along with “virtual” payment cards that rely on random, single-use card numbers make card information useless to identity thieves.  

While cyberattacks constantly evolve, it is important for businesses and consumers to also change to ensure their information is safe. If anyone has questions or believes they might be the victim of a Magecart data breach, they can live-chat with an Identity Theft Resource Center expert advisor. They can also call toll-free at 888.400.5530. Data breach victims will get guidance on the next steps they need to take. Finally, victims can also download the free ID Theft Help App, which includes a case log to track the steps taken, additional resources to refer to, instant access to an advisor and much more.

You might also like…

Stalker Data Breach Leads to Sale of Users’ Credentials

Non-Traditional Data Compromises Make Up the Latest Week of Breaches

Mystery Shopper Scams Surface During COVID-19

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the In the Loop.

notified-ad.png

Get ID Theft News

Stay informed with alerts, newsletters, and notifications from the Identity Theft Resource Center

notified-ad.png
© Copyright 2024- Identity Theft Resource Center

This product was produced by the ITRC under 2018-V3-GX-K007, awarded by the Office for Victims of Crime, Office of Justice Programs, U.S. Department of Justice. The opinions, findings, and conclusions or recommendations expressed in product are those of the contributors and do not necessarily represent the official position or policies of the U.S. Department of Justice. View more about our copyright info here.