Privacy: Macy’s announces Magecart data breach

November 20 12:29 2019 Print This Article

According to a “Notice of Data Breach” issued by Macy’s, online customers had their card details skimmed due to a Magecart attack.

The US department store stated that it was alerted of a data breach on October 15, 2019 regarding a suspicious connection between and another website.

Following an investigation, it is believed that an unauthorised third party added malicious script to two pages on on October 7, 2019. The script was added to the “Checkout” and “My Wallet” pages.

The malicious script was removed on the same day it was identified, however customers that placed online orders or submitted their financial details prior to the code being removed – may have had their information stolen.

Threat actors may have potentially accessed personal information and financial credentials including first name; last name; address; city; state; zip; email address; phone number; payment card number; payment card security code; payment card month/year of expiration – if these were submitted into the compromised page.

Macy’s have notified law enforcement and hired a leading class forensics firm to assist with their investigation. In addition, all relevant card brands (i.e Visa, Mastercard, Discover and American Express) have also been alerted.

In the notice, Macy’s wrote: “There is no reason to believe that this incident could be used by cybercriminals to open new accounts in your name. Nonetheless, you should remain vigilant for incidents of financial fraud and identity theft by regularly viewing your account statements and immediately reporting any suspicious activity to your card issuer.”

Macy’s told BleepingComputer that only a small amount of customers were impacted, and that additional security measures have been implemented to prevent this from occurring again.

Macy’s has also arranged to have Experian IdentityWorks to provide its customers with identity protection services for 12 months at no additional cost.

The original article was posted here:

view more articles

About Article Author


View More Articles
write a comment


No Comments Yet!

You can be the one to start a conversation.

Add a Comment