Expert On US Local Government Services Targeted By New Magecart Attack

By   ISBuzz Team
Writer , Information Security Buzz | Jun 29, 2020 02:07 am PST

According to researchers, eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. The  compromised sites appear to have been built using Click2Gov, a web-based platform used by local governments to provide services such as community engagement, issues reporting, and online payment for local governments. Residents can use the platform to pay for city services, such as utilities.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Deepak Patel
Deepak Patel , Security Evangelist
June 29, 2020 10:09 am

Attackers continue to exploit web servers to inject skimming code on websites. Any website where users are providing personal information like credentials or payment information is valuable to attackers. While Magecart attackers are getting a lot of visibility, the same techniques can be used to skim any data provided by users on any website. The recent discoveries are just the tip of the iceberg. Such attacks that bypass the web infrastructure of the website owner and typically exploit third-party scripts on the website are only getting started. If your website handles user payment information or any PII data, it is paramount to address these threats by investing in real-time client-side visibility for all the first,- third,- fourth- or fifth-party scripts powering your website.

Last edited 3 years ago by Deepak Patel

Recent Posts

Would love your thoughts, please comment.x