Macy’s Customer Payment Info Stolen in Magecart Data Breach

Lawrence Abrams reports:

Macy’s has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer’s payment information.

This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections of the web site. These scripts then steal payment information that is submitted by a customer.

According to a ‘Notice of Data Breach‘ issued by Macy’s, their web site was hacked on October 7th, 2019 and a malicious script was added to the ‘Checkout’ and ‘My Wallet’ pages.

Read more on BleepingComputer.

About the author: Dissent

Comments are closed.