Claire’s, Intersports Retail Websites Breached – Online Privacy Experts Comment

By   ISBuzz Team
Writer , Information Security Buzz | Jun 16, 2020 02:18 am PST

Hacker groups that engage in web skimming (also known as Magecart) attacks have breached the web stores of two of the world’s biggest retail chains — accessories store Claire’s and sporting goods retailer Intersport. According to reports published today by security firms Sanguine Security and ESET, hackers breached the two companies’ websites and hid malicious code that would record payment card details entered in checkout forms.

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Brent Johnson
Brent Johnson , CISO
June 16, 2020 10:31 am

There are several prevention techniques for Magecart attacks, and of course the attacks constantly evolve. Depending on the size and sophistication of a website, prevention can become very difficult. Deploying a File Integrity Monitoring (FIM) solution on the retailer’s website that detects changes to hosted content/files is a good place to start; however, that doesn’t help if the site relies on third party code for hosted features (such as chat windows, shopping carts, etc). If your site relies on code from a third party that’s been infected, the result is the same.

Last edited 3 years ago by Brent Johnson
Chris Hauk
Chris Hauk , Consumer Privacy Champion
June 16, 2020 10:21 am

Data skimming attacks like these underscore the need for online shoppers to remain ever vigilant. I strongly recommend all online shoppers to pay close attention to their monthly statements, monitoring them for suspicious charges. Users should also set up alerts on their credit and debit cards when available, and invest in credit monitoring, which will alert you to skimming incidents like these, as well as more traditional data breaches.

Last edited 3 years ago by Chris Hauk
Paul Bischoff
Paul Bischoff , Privacy Advocate
June 16, 2020 10:19 am

Web skimming attacks like these are particularly effective because victims have no way of knowing that the store pages are infected. Unlike phishing attacks or malware targeting end users, card skimming attacks often can\’t be detected and leave no trace of evidence on the victim\’s device. From a customer\’s perspective, the checkout process looks and functions like it would if it were not infected. Only the website operator can remove Magecart malware. For the attacker, web skimming has the added benefit of ensuring that all of the stolen customer data is valid and up to date, which is often not the case with data breaches in which stolen information can be months or years old.

Last edited 3 years ago by Paul Bischoff

Recent Posts

Would love your thoughts, please comment.x