Macy's Customer Payment Info Stolen in Magecart Data Breach
by umerkhan - November 19, 2019 at 02:52 PM
#1
According to a Notice of Data Breach' issued by Macy's, their web site was hacked on October 7th, 2019 and a malicious script was added to the 'Checkout' and 'My Wallet' pages. If any payment information was submitted on these pages while they were compromised, the credit card details and customer information was sent to a remote site under the attacker's control.

Macy's states that they were alerted to this hack on October 15th, 2019, a full week after the site was breached and attackers were collecting payment information.

After the web site was cleaned, Macy's notified law enforcement and hired "a leading class forensics firm" to help with their investigation. They have also contacted all relevant credit card brands including Visa, American Express, Discover, and Mastercard to notify them of this breach.
#2
Thanks for this information bro. So i should check my creditcard bill.
#3
(November 19, 2019 at 03:27 PM)sminor9 Wrote: Thanks for this information bro. So i should check my creditcard bill.

You are welcome
#4
so even after this, they still havent added an SRI checksum when including https://www.macys.com/js/min/common/util...rrorLog.js
#5
Thanks for your notification.
#6
hardworking hacker ... SECURITY UP ⬆️
#7
A classic CC skimming. Thanks for the post.
#8
there have been some very nice attacks in recent months ..
go ahead guys

Possibly Related Threads…
Thread Author Replies Views Last Post
Australian ISP (TPG) Data Breach - April 2021 Poor 7 1,307 10 hours ago
Last Post: slut
Volkswagen discloses data breach impacting 3.3 million Audi drivers umerkhan 1 3,864 June 24, 2021 at 08:33 AM
Last Post: notcompleted
Geico data breach exposed customers’ driver’s license numbers for more than a month umerkhan 8 3,078 May 06, 2021 at 11:34 AM
Last Post: h0wever

 Users browsing this thread: 1 Guest(s)