As reported by BBC News, parents who made payments to UK schools in recent days via the Wisepay service have been warned their card details have been compromised. Wisepay said a hack of its website meant an attacker was able to harvest payment details between 2 and 5 October via a spoof page. Attempted payments to about 300 schools have been affected by the scam.
The hacker had managed to find a “backdoor” into the system’s database and had modified one page. As a result, when users clicked to make a payment, they were redirected to an external page controlled by the attacker.