Macy's has begun notifying some of its online customers that their payment details have been compromised due to Magecart code that compromised parts of their website. 

The breach notice claims that on October 15, 2019, Macy's was alerted to a suspicious connection between macys.com and another site. The Macy's security team began an investigation into the matter and claim that based on their investigation, they believe that an unauthorized third-party added unauthorized code to two of its macys.com pages on October 7, 2019. Unfortunately, this means it took Macy's over a week to learn of the security incident. 

The notice went on further to say that "The unauthorized code was highly specific and only allowed the third-party to capture information submitted by customers on the following two macys.com pages: (1) the checkout page — if credit card data was entered and “place order” button was hit; and (2) the wallet page — accessed through My Account." The code was successfully removed on October 15, 2019.

Customers impacted by this breach are likely to have had their full payment details compromised by hackers, including first and last name, address, phone number, email, payment card number, payment card security code, and expiration date. 

This gives criminals enough information to make unauthorized purchases in the victims' names and potential identity fraud scams. 

Macy's has reported the incident to those card brands affected by the breach and claims to have taken steps to prevent Magecart code from being added to its pages again. Affected customers have also been offered 12 months of free Experian IdentityWorks identity protection services. 

Macy's is just the latest in a slue of organizations to have had their website compromised by Magecart code. It was reported last month that hackers using Magecart activated online credit card skimmers to 3,126 online shops hosted by eCommerce provider Volusion. 

Every organization handling payment card data must comply with the PCI DSS Compliance Standard, which requires solutions like intrusion protection systems and file integrity monitoring (FIM)

Traditional FIM solutions take a very narrow look at Integrity and the unknown or unsuspecting consequence of “baselines” as they pertain to security breaches and checking the box of compliance mandates. They just establish a baseline to determine if any additions, modifications, or deletions have been made to the target files or directories and alert based on those changes.

There are a few problems with this - the first problem is that a baseline assumes that all the files are known to be good and originated with a high degree of trust and authenticity which is far from reality. The second problem is that changes made inside an authorized change management window have no way of validating and verifying expected or authorized change against observed change. 

NNT has introduced a number of revolutionary concepts into its SecureOps™ suite that gives FIM the “Integrity” element that's absent in other ‘so-called’ FIM solutions. It also solves the problem of “noise” and "integrity drift" all while delivering the necessary manageability and scalability where traditional solutions fall short.

 

Learn about our File Integrity Monitoring solution here

NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
1175 Peachtree St NE
Atlanta, Georgia, 30361.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.