Expert Insight: Magecart Attack On Macy’s Was Customized

The Magecart attack on Macy’s was so sophisticated it was customized specifically to the store’s website and targeted not only checkout, but also digital wallets according to RiskIQ as reported by CSO.

Previous detail of our expert commenray on Macy Breach is here.

Experts Comments

December 20, 2019
Mike Bittner
Associate Director of Digital Security and Operations
The Media Trust
While digital skimmers have been around for years, the customized use of skimmers in attacks that target large e-commerce businesses is more recent. But what remains the same is what bad actors exploit: website design and operations processes that pay insufficient attention to insecure or unauthorized third-party code. Bad actors know they can count on many site operators to leave open the same entry points either through bad configuration, poor security measures, or both. Until businesses take .....Read More
While digital skimmers have been around for years, the customized use of skimmers in attacks that target large e-commerce businesses is more recent. But what remains the same is what bad actors exploit: website design and operations processes that pay insufficient attention to insecure or unauthorized third-party code. Bad actors know they can count on many site operators to leave open the same entry points either through bad configuration, poor security measures, or both. Until businesses take third-party code risks more seriously and continually monitor third-party code to keep out unauthorized activities, these attacks will continue simply because their success is almost guaranteed.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.