STE WILLIAMS

An online beauty store owned by Procter Gamble was compromised by Magecart in May in a campaign that only ended today. First Aid Beauty, a site purchased by PG earlier this year, went offline following notification of the attack from security researcher Willem de Groot.

First Aid Beauty used the Magento e-commerce platform, which patched 56 security vulnerabilities earlier in October. In the heavily obfuscated attack code, de Groot says, the criminals selected specifically for US customers and remained dormant when a user connected from a Linux system.

The malicious code captured included card number, expiration date, card owner name, and CVV code — everything required for a “card not present” credit card transaction.

For more, read here.

This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Article source: https://www.darkreading.com/attacks-breaches/online-beauty-store-hit-by-magecart-attack/d/d-id/1336183?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple