Security News > 2020 > November > Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach
The company's response was less than solid gold - it took months to notify its users of the breach.
In a notice sent to its online customers, the company said that it became aware of suspicious activity on its website on July 6.
The company claims on its website that it uses 256-bit SSL encryption, certified by DigiCert/Norton.
"Magecart attacks are notoriously difficult to detect because they target the client-side of websites," Ameet Naik, security evangelist at PerimeterX, told Threatpost, noting that taking five months to notice the skimmer is not unusual.
"Hackers inject malicious shadow code into the website scripts which runs on the users' browsers. Traditional server-side monitoring and security solutions don't have visibility into this client-side activity and are unable to stop such digital skimming attacks that lead to the theft of personal data from website users. This not only hurts the online business, but also exposes them to compliance penalties and liability."
News URL
https://threatpost.com/texas-gold-dealer-payment-data-breach/160846/
Related news
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- Landmark Admin data breach impact now reaches 1.6 million people (source)
- Entertainment services giant Legends International discloses data breach (source)
- 2025 Data Breach Investigations Report: Third-party breaches double (source)
- Yale New Haven Health data breach affects 5.5 million patients (source)
- Frederick Health data breach impacts nearly 1 million patients (source)
- Baltimore City Public Schools data breach affects over 31,000 people (source)
- VeriSource now says February data breach impacts 4 million people (source)