As reported by BBC News, parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised. Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page. Attempted payments to about 300 schools have been affected by the scam.
The hacker had managed to find a “backdoor” into the system’s database and had modified one page. As a result, when users clicked to make a payment, they were redirected to an external page controlled by the attacker.
“The threat landscape for any organisation is massive and finding gaps in security is simply a cat and mouse game for hackers. When it comes to financial organisations, they are seen as a lucrative target as they hold highly sensitive information and have a mandate to protect the personal information of their customers. With WisePay being a financial organisation aimed at the education sector, this proved to be a gold mine for hackers.
“No company is immune from the dangers of being compromised. It’s essential that any potential target understands as much as they can about the threats they face and the tools needed to ensure they remain secure. Organisations must prioritise knowing where adversaries are, the tools and techniques they use, and what information adversaries think are most valuable.
“However, while financial organisations tend to operate with security front of mind, there is still an opportunity to collaborate more within the industry and increase intelligence sharing so they understand as much as they can about the threats they are facing.
“By having a direct understanding on the threats they face, financial institutions will be able to develop strategies that address attacks and respond quicker to limit the impact of adversaries.”
Payment card-skimming malware continues to be a security challenge for retailers around the globe. Unfortunately, when armed with payment card information or personally identifiable information (PII), malicious parties can make fraudulent purchases, sell said data on the dark web for a quick profit, and much more.
A staggering 59% of consumers reuse passwords across multiple accounts. This means that if a cybercriminal appropriates a single password, they can potentially gain access to a user\’s accounts across a number of retailers and services where said password is reused. Users impacted by this incident should change their passwords on all of the accounts where they use these now exposed credentials, and avoid re-using passwords across different accounts altogether.
Companies must deploy security solutions that can prevent data leakage; for example, cloud access security brokers (CASBs) that provide features like cloud security posture management (CSPM), data loss prevention (DLP), user and entity behaviour analytics (UEBA), and encryption of data at rest. With these types of capabilities, businesses and consumers can be certain that their data is truly secure as they make purchases.
These attacks cleverly penetrate a website and take copies of all payments with ease and without the owners’ knowledge. It once again highlights the importance of due diligence for all websites handling people’s personal information, particularly financial.
The exposure of financial data can be very damaging, particularly to those who don’t take any notice of the given security advice. Anyone affected by this breach should contact their bank for a replacement card, or at least follow the bank’s fraud prevention advice.