Security News > 2021 > April > World's largest pathologists association discloses credit card incident
The American Society for Clinical Pathology disclosed a payment card incident that impacted customers who entered payment info on its e-commerce website.
The Chicago-based association for medical professionals is the world's largest such organization for pathologists and laboratory professionals.
"We have recently been informed that our e-commerce website was the target of a cybersecurity attack that, for a limited time period, potentially exposed payment card data as it was entered on our website," ASCP said.
On March 11, 2021, ASCP discovered that the attackers might have had access to customers' payment card information, including names, credit or debit card numbers, card expiration dates, and CVV. The pathologists association added that it found no evidence that customers' exposed payment card info was misused after the incident.
ASCP also said it does not store any of its customers' payment card data on its servers and that it implemented security measures to prevent similar incidents in the future.
Threat actors inject JavaScript-based scripts known as credit card skimmers into compromised online stores.