Between August 14th and September 18th 2018, popular US computer hardware and electronics retailer Newegg experienced a data breach affecting the credit card details and personal information of their customers. It is not yet known how many people were affected, but due to the length of the breach, investigations are ongoing.
Yonathan Klijnsma, RiskIQ threat researcher said:
“The breach of Newegg shows the true extent of Magecart operators’ reach. These attacks are not confined to certain geolocations or specific industries—any organisation that processes payments online is a target. We can assume this attack claimed a massive number of victims.”
Their investigation discovered a 15-line card-skimming code used on Newegg’s payment page which was almost identical to those used in previous attacks. The skimmer was merged with Newegg’s actual payment processing page so that it could be concealed from recognition. As customers entered their card details during the checkout process, the attackers were able to send the data through to their ‘fake’ site before the transaction took place.
RiskIQ and Volexity are keeping a close eye on Magecart breaches, with quick detection alerts to resolve any issues as rapidly and effectively as possible. Although, with hackers’ ability to evolve and improve their methods over time, the capability of spotting a breach before it has done significant damage can still prove difficult. It’s clear that organizations must continuously review their payment channels and take appropriate precautions to reduce the probability of a data breach.
An effective way of doing this is to take any sensitive data associated with the organization “out of scope”, meaning it never actually enters their networks or environment. This can be done using a third-party secure payment solutions provider, such as Key IVR, which ensures payments are processed safely and securely at every point of the transaction.