AeroGrow that makes AeroGarden smart countertop gardens, has informed customers that it has found credit card skimming malware on their website and has eliminated the problem, but credit card numbers may have been compromised between the end of October through the beginning of March 2019.
"AeroGarden website had credit card scraping malware for more than four months." These attacks are happening more frequently than ever before. Make sure your customers' data is secure and PROPERLY backed up, meaning inaccessible to a breach from malware. #DataSecurity https://t.co/wzZogMTXma
— SEP Software (@SEP_Software) April 5, 2019
Ryan Wilk, VP of Customer Success at NuData Security:
“Many websites are suffering from Magecart-like attacks as hackers evolve the malware in an effort to steal credit card information on the web. Customers should check their credit card statements or apply for a new one right away. Once stolen, these card numbers are sold on the dark web for future fraudulent purchases. Companies who accept payments online can mitigate the damage by also identifying customers by their online behavior instead of relying on credentials or credit card numbers. This method allows companies to block transactions from credit cards that have been stolen.”