- Almost three hundred Magecart e-commerce platforms have had their customers’ payment data stolen.
- The attacks occurred between January 1 and 5, catching the protection mechanisms off guard.
The skimming activities didn’t occur in a random day of the year, but between January 1 and 5, culminating in the first day of 2019. The obvious reason for this timing is the fact that most e-commerce platforms have their IT understaffed on January the 1st, and so are many security auditing and attack monitoring firms. For hackers, staying concealed is vital, and whatever way strengthens this factor is applicable. Magecart Group 12, however, didn’t just rely on timing, but they also incorporated two obfuscated scripts in their skimming toolkit, one of which is specifically developed to play an anti-reversing role.
From the 277 e-commerce platforms that were affected, the vast majority are French websites (79%), but various websites from other European countries have also leaked the payment data of their customers. The number of affected customers is estimated to be on the level of millions, and the platforms are now expected to inform their customers of the fact that their payment card details have been stolen, also involving the financial institutions on the issuing of new payment cards. This process will hurt the reputation of the particular platforms and will undermine the trust that their customers may have towards them, even though they may not be directly liable for failing to assure the safety of their customers’ data. British Airways and Newegg suffered similar attacks in recent times, and are still on the way to recover their trustworthiness to their customers.