For the past 30 months, an online printing platform with a cover store for well-known magazines has been constantly infected with malicious scripts that steal customer payment card data. At least 18 skimmers or sniffers – scripts that copy credit card info at checkout, were identified since August 2017 on Reprint Mint photo store that prints covers of ESPN sports magazine and of the American military publication Stars and Stripes.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
The recent Magecart attack on Reprint Mint illustrates just how easy it is for hackers to steal data from eCommerce customers. In this case, at least 18 scripts were used at different times to steal payment information, and the scripts remained undetected over 30 months. We have seen that MageCart targets online retailers because payment data is easily stolen during checkout, often through third parties. In addition, small retailers like Reprint Mint are particularly vulnerable, because often they lack the proper security. To prevent such attacks, companies of all sizes must clearly put processes in place to assess and continuously monitor their cyber posture.