Breached Online Ordering Platforms Expose Hundreds Of Restaurants

BACKGROUND:

Breached online food ordering platforms have exposed hundreds of restaurants, according to researchers.

Experts Comments

May 04, 2021
Kim DeCarlis
CMO
PerimeterX

Magecart attacks on food delivery services are extremely common and the COVID-19 pandemic has only made things worse as online traffic has surged to these sites - many of which saw 41% growth at the beginning of the pandemic as home-bound consumers dealt with their new reality. In this case, attackers targeted a vulnerable platform that was common to multiple food delivery services, making it easy for them to harvest payment card information and use it on other sites, or sell that card

.....Read More

Magecart attacks on food delivery services are extremely common and the COVID-19 pandemic has only made things worse as online traffic has surged to these sites - many of which saw 41% growth at the beginning of the pandemic as home-bound consumers dealt with their new reality. In this case, attackers targeted a vulnerable platform that was common to multiple food delivery services, making it easy for them to harvest payment card information and use it on other sites, or sell that card information to others on the Dark Web. 

 

Today, as much as 70% of the code used to build a website or web app can come from a third party. As such, it is critical that site and app owners understand the origin of their code to ensure it is secure. Additionally, they should look at tools that give constant visibility to the scripts that run on their site and look for changes in behavior - in this case, planting malicious code within scripts that sends payment card or PII information to an unapproved site - and take action to stop it. This is critical for both consumer trust and to avoid the fines and penalties associated with data breaches.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.