Home News Hackers use Magecart attack to compromise online stores in US and Canada

Hackers use Magecart attack to compromise online stores in US and Canada

Data leak

A hacker group named Magecart is responsible for the recent data breach that impacted 201 online campus stores in the United States and Canada. According to the cybersecurity firm Trend Micro, the attackers allegedly used a skimming script, a malicious code, designed to steal the data from 201 online stores that were catering to 176 colleges and universities in the U.S. and 21 in Canada.

The security researchers at Trend Micro stated that they detected the attack, dubbed as Magecart attack, against multiple campus online store websites on April 14, 2019, which were injected with a malicious skimming at their payment checkout pages. The hackers use skimming script to compromise the card information and personal details entered on the payment page by users. Trend Micro stated the attackers also compromised PrismWeb, an e-commerce platform designed for college stores by PrismRBS.

The researchers at Trend Micro disclosed their findings to PrismRBS. “On April 26, 2019, PrismRBS became aware that an unauthorized third-party obtained access to some of our customers’ e-commerce websites that PrismRBS hosts. Upon learning of this incident, we immediately acted to halt the current attack, initiated an investigation, engaged an external IT forensic firm to assist in our review, notified law enforcement and payment card companies. Our investigation is ongoing to determine the scope of the issue, including who and what information may have been impacted. Based on our review to date, we have determined that an unauthorized party was able to install malicious software designed to capture payment card information on some of our customers’ e-commerce websites,” the company said in a statement.

“We are proactively notifying potentially impacted customers to let them know about the incident, the steps we are taking to address the situation, and steps they can take to protect their end users.  We are taking steps to further strengthen the security of our systems, including enhanced client-side and back-end monitoring tools and a comprehensive end-to-end audit of our systems. Once our investigation concludes, we will be providing our customers with additional information and guidance,” the statement added.