Security researchers have discovered an automated Magecart digital skimming campaign that compromised over 960 e-commerce stores in less than 24 hours.
Sanguine Security Labs found that the widespread Magecart campaign breached almost 962 e-commerce stores customers' payment details, including full credit card data, names, phone numbers, and billing addresses.
Attackers inserted a customized Javascript on hundreds of e-commerce sites, which acted as a fake credit card payment section and was ultimately designed to collect e-commerce customers' payment details.
This represents the largest automated campaign to date - the previous was held with 700 e-commerce stores. Researchers believe this indicates a highly automated operation, as the attackers had only 24 hours victims have been found from all over the world.
Last year Sotheby's, the popular British auction house, announced its website had been infected with the digital skimming code. The code had been found on the site since March 2017 and was removed in October 2018.
Operating an e-commerce site comes with responsibilities, especially when payment card information is involved. Every organization dealing with payment card transactions must abide by the PCI DSS Compliance Standard, which included protections like intrusion protection systems and the understanding of requirements and responsibilities of the merchant.
NNT makes achieving PCI DSS compliance a painless process by combining System Hardening, Event Log Management, Change & Configuration Management, and File Integrity Monitoring (FIM) into one fully featured solution
New Net Technologies (NNT) is now part of Netwrix