Macy’s Hacked and Customer Credit Card Information Stolen
20 Nov 2019
Approx Reading time: 3 minutes
- Hackers steal credit card information of Macy’s Customers
- Macy's indicates it has completed an investigation on the breach and it will offer free credit monitoring for customers for a whole year
- The proliferation of credit card attacks a concern especially this holiday season
Macy’s has experienced a data breach involving several credit cards for the second time. The chain store becomes the latest to be hit by a “Magecart” attack.
Hackers steal Macy’s customers’ credit card information
The hackers stole credit card details of customers, such as phone numbers, names, and addresses. Also, they siphoned off credit card numbers, verification codes, as well as the expiry date. Hackers inserted malicious code in the stores' website on October 7 to the "My Wallet" and "Checkout" page. The "unauthorized code" infected the system allowing it to capture credit card data and send it to hackers.
The store chain indicated that it discovered the breach on October 15, almost a week after it had happened. Macy's has not reported how many customers the breach affected, but it could be thousands of customers.
Also read: Payday Loan Lender Non-Standard Finance Issues Profit Warning
Macy's has indicated that it is currently investigating the breach. Also, the company has added that it has taken measures to prevent such breaches in the future. The company has offered affected customers free credit monitoring for one year as a remedial measure. Macy’s indicated that it had already notified all customers affected and provided consumer protections to them.
Concerns about the breach ahead of the holiday season
The breach is worrying, considering it released personal identification information to the hackers. As a result, a combination of this data with other information could offer hackers what they require to commit identity theft. Equally, this is a season when the retail industry is susceptible to fraud from criminals as we approach the holiday season. Hackers could use the information to take over retail accounts of customers and also use the stolen information to commit fraud against e-retailers.
It shows how hackers have advanced by breaching websites with credit card skimming malware. It is not yet clear who is behind the theft of the credit cards, but Magecart could be responsible. In recent years the hacking group has been the face behind the most significant credit card hacking efforts. Some of the notable hacks include Newegg, American Cancer Society, Ticketmaster, British Airways, and Aerogarden. Their hacks involve compromising the legitimate online store of the company and stealing credit card information.
The proliferation of credit card attacks
In recent times there has been a proliferation of online skimming attacks that have affected over 18,000 domains. As a result of the growing attacks, the FBI issued a warning regarding the emergence of cyber theft. Therefore the intelligence agency is urging businesses to instate adequate security measures to protect their companies and clients.