Jonathan Greig: Macy’s holiday breach highlights retailer’s need for encryption and scrutiny of third-party systems
https://www.techrepublic.com/article/macys-holiday-breach-highlights-retailer-need-for-encryption-and-scrutiny-of-third-party-systems/
Attackers were collecting user credit card information for an entire week from the Macy’s website before they were alerted. Here’s how retailers can protect themselves.
Just a few weeks before America spends billions of dollars on Black Friday, Macy’s is facing a PR nightmare after it was forced to notify thousands of customers that their credit card information was sent to cybercriminals during a hack on October 7.
The billion-dollar retailer, which controls nearly 600 stores across the country, said hackers injected malicious “card-skimming” JavaScript into their ‘Checkout’ and ‘My Wallet’ pages, meaning the credit card information, addresses and names of thousands were recorded on another website that could be accessed by the attackers.
Comments are closed.