It’s bad enough when an online platform like a social network or game gets hacked. But when an online store — and all of its customers’ payment information — finds its way into hackers’ hands, you have an absolute disaster in the making.
Cyberattacks on e-commerce websites are becoming more common each year. Some of them involved direct hacks of their victims, while others involve rigging websites to steal credit card details and personal data when shoppers type them. Tap or click here for a rundown on some of last year’s biggest eCommerce hacks.
And now, one of the biggest e-commerce hacks since 2015 has targeted a system that thousands of online stores rely on: Magento. Thanks to an issue with an outdated version, almost 2,000 stores were altered to steal credit card info from customers. Here’s how we think it happened, and what you can do to stay safe.
The ultimate MageCart attack?
A new report by researchers at Sanguine Security showed nearly 2,000 separate online stores were compromised in what it’s calling the largest automated MageCart campaign ever.
For those who don’t know, a MageCart attack involves compromising an online store so the check-out page will steal data typed in by customers — especially credit card details. Tap or click here for more details on how this cyberattack pattern works.
These websites all had one thing in common: A back-end system controlled by Magento, a powerful e-commerce platform owned by Adobe. The majority of the hacked sites were using an outdated model of Magento that lacked some of the security features included in the latest version. These flaws were exploited by hackers to carry out the attacks…Read more>>