Macy's has begun notifying some of its online customers that their payment details have been compromised due to Magecart code that compromised parts of their website. 

The breach notice claims that on October 15, 2019, Macy's was alerted to a suspicious connection between macys.com and another site. The Macy's security team began an investigation into the matter and claim that based on their investigation, they believe that an unauthorized third-party added unauthorized code to two of its macys.com pages on October 7, 2019. Unfortunately, this means it took Macy's over a week to learn of the security incident. 

The notice went on further to say that "The unauthorized code was highly specific and only allowed the third-party to capture information submitted by customers on the following two macys.com pages: (1) the checkout page — if credit card data was entered and “place order” button was hit; and (2) the wallet page — accessed through My Account." The code was successfully removed on October 15, 2019.

Customers impacted by this breach are likely to have had their full payment details compromised by hackers, including first and last name, address, phone number, email, payment card number, payment card security code, and expiration date. 

This gives criminals enough information to make unauthorized purchases in the victims' names and potential identity fraud scams. 

Macy's has reported the incident to those card brands affected by the breach and claims to have taken steps to prevent Magecart code from being added to its pages again. Affected customers have also been offered 12 months of free Experian IdentityWorks identity protection services. 

Macy's is just the latest in a slue of organizations to have had their website compromised by Magecart code. It was reported last month that hackers using Magecart activated online credit card skimmers to 3,126 online shops hosted by eCommerce provider Volusion. 

Every organization handling payment card data must comply with the PCI DSS Compliance Standard, which requires solutions like intrusion protection systems and file integrity monitoring (FIM)

Traditional FIM solutions take a very narrow look at Integrity and the unknown or unsuspecting consequence of “baselines” as they pertain to security breaches and checking the box of compliance mandates. They just establish a baseline to determine if any additions, modifications, or deletions have been made to the target files or directories and alert based on those changes.

There are a few problems with this - the first problem is that a baseline assumes that all the files are known to be good and originated with a high degree of trust and authenticity which is far from reality. The second problem is that changes made inside an authorized change management window have no way of validating and verifying expected or authorized change against observed change. 

NNT has introduced a number of revolutionary concepts into its SecureOps™ suite that gives FIM the “Integrity” element that's absent in other ‘so-called’ FIM solutions. It also solves the problem of “noise” and "integrity drift" all while delivering the necessary manageability and scalability where traditional solutions fall short.

 

Learn about our File Integrity Monitoring solution here

The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.