Security News > 2020 > June > 8 U.S. City Websites Targeted in Magecart Attacks
Researchers are warning that the websites of eight U.S. cities - across three states - have been compromised with payment card-stealing Magecart skimmers.
When asked which city websites were affected in this incident, researchers told Threatpost, "We can't say," adding that Trend Micro "Prioritizes responsible disclosure of security incidents and chooses not to 'name and shame' victims. Our primary goal is to help organizations identify and mitigate these incidents. We have notified the breached parties who will be responsible for handling the situation within each city."
Magecart in particular has targeted various websites, from the Nutribullet website to an Olympics ticket reseller.
In April, researchers observed a new skimmer from the Magecart Group actively harvesting payment-card data from 19 different victim websites, mainly belonging to small- and medium-sized businesses, for several months.
"During 2019, we also saw that academic institutions and hotel chains were targeted by similar attacks. This time, the attacker targeted the websites of various local governments," said Trend Micro researchers.