Articles
5 Types of Ecommerce Fraud
Articles
10 Best Practices to Prevent Ecommerce Fraud
Articles
How Does Two-Factor Authentication (2FA) Work?
Articles
Chargeback Codes for Visa, MasterCard, Amex, and Discover
Articles
How to Fight Chargebacks
Articles
Address Verification Service (AVS) Check
Articles
E-commerce False Declines: How to Stop Turning Away Good Customers
Articles
How Merchants Can Fight Credit Card Disputes
Articles
Influencer Insights: High-risk Merchants Are at Risk of MATCHing
Articles
Influencer Insights: An Interview with 80stees.com
Wednesday, January 27, 2021

Merchant Fraud Journal

Articles
5 Types of Ecommerce Fraud
Articles
10 Best Practices to Prevent Ecommerce Fraud
Articles
How Does Two-Factor Authentication (2FA) Work?
Articles
Chargeback Codes for Visa, MasterCard, Amex, and Discover
Articles
How to Fight Chargebacks
Articles
Address Verification Service (AVS) Check
Articles
E-commerce False Declines: How to Stop Turning Away Good Customers
Articles
How Merchants Can Fight Credit Card Disputes
Articles
Influencer Insights: High-risk Merchants Are at Risk of MATCHing
Articles
Influencer Insights: An Interview with 80stees.com

Macy’s Magecart Attack Steals Shoppers’ Payment Data

November 20, 2019
|
No Comments
|
News

Hackers successfully targeted retail giant Macy’s with a Magecart attack, stealing the payments data of the company’s customers, the company said in a statement.

Hackers compromised the checkout and wallet pages of Macy’s website. Data stolen includes payment card numbers, payment card security codes, month/year expiration dates, and more. The company did not provide information about the number of customers affected by the data breach.

“On October 15, 2019, we were alerted to a suspicious connection between macys.com and another website,” the statement said. “Our security teams immediately began an investigation. Based on our investigation, we believe that on October 7th, 2019 an unauthorized third part added unauthorized computer code to two (2) pages on macys.com.”

Macy’s also states they immediately contacted law enforcement as soon as they became aware of the breach. In addition, they enlisted the help of hacking experts to ascertain how such a failure was allowed to occur.

“We immediately began an investigation as soon as we suspected a problem. We quickly contacted federal law enforcement and brought in a leading class forensics firm to assist in our investigation,” the statement said. We have reported the relevant payment card numbers to the card brands (i.e.Visa, Mastercard, American Express, and Discover). In addition, we have taken steps that we believe are designed to prevent this type of unauthorized code from being added to macys.com.”

Finally, the statement goes on to say that while Macy’s currently believes no harm came to customers whose data was compromised, they should remain vigilant.

There is no reason to believe that this incident could be used by cybercriminals to open new accounts in your name,” the statement said. “Nonetheless, you should remain vigilant for incidents of financial fraud and identity theft by regularly reviewing your account statements and immediately reporting any suspicious activity to your card issuer.”

Sources:
https://www.documentcloud.org/documents/6552530-MACY-S-NOTICE-OF-DATA-BREACH.html

Share This Article:
Tags:

Related Article

No Related Article

Our Sponsors

Get the 2020 Chargeback Representment Guide

chargeback representment guide

Get the 2020 Fraud Trends Report

fraud trends report

Join our Community

join the community

Featured Directory Listings

Our Sponsors

Stay in Touch

LINKEDIN

YOUTUBE