Rooster Teeth, a company that makes podcasts, animated shows and short-form content for distribution along with an online store that sells merchandise, has been hit with a Magecart attack on their online store that was able to siphon off credit card information from customers.
The recent Rooster Teeth data breach illustrates how the Magecart threat continues to evolve while often targeting organizations through their third parties. In this case, malicious code introduced on the company’s Shopify-based online store directed users to a fake payment page, where they were asked to enter their credit card information. But it also points to good news, which is that companies are clearly beginning to take this threat seriously. It’s encouraging that Rooster Teeth’s IT team was able to discover and remove the malicious code on the same day it was introduced. Organizations can learn from this example, and should be sure to put processes in place to manage and review susceptibility to the Magecart threat through third-parties.