Security News > 2020 > November > Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach
The company's response was less than solid gold - it took months to notify its users of the breach.
In a notice sent to its online customers, the company said that it became aware of suspicious activity on its website on July 6.
The company claims on its website that it uses 256-bit SSL encryption, certified by DigiCert/Norton.
"Magecart attacks are notoriously difficult to detect because they target the client-side of websites," Ameet Naik, security evangelist at PerimeterX, told Threatpost, noting that taking five months to notice the skimmer is not unusual.
"Hackers inject malicious shadow code into the website scripts which runs on the users' browsers. Traditional server-side monitoring and security solutions don't have visibility into this client-side activity and are unable to stop such digital skimming attacks that lead to the theft of personal data from website users. This not only hurts the online business, but also exposes them to compliance penalties and liability."
News URL
https://threatpost.com/texas-gold-dealer-payment-data-breach/160846/
Related news
- Texas Tech University System data breach impacts 1.4 million patients (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Ireland fines Meta $264 million over 2018 Facebook data breach (source)
- New fake Ledger data breach emails try to steal crypto wallets (source)
- Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts (source)
- 46% of financial institutions had a data breach in the past 24 months (source)
- UN aviation agency investigating possible data breach (source)
- Washington state sues T-Mobile over 2021 data breach security failures (source)
- Largest US addiction treatment provider notifies patients of data breach (source)