Cybercriminals using Magecart card-skimming code attacked the online store of the NBA's Atlanta Hawks, stealing customers names, addresses and payment card numbers.
The Sanguine Labs team at Sanguine Security identified the offending code on the store's checkout page on Saturday April 20, according to a post on the security company's website. But research from RiskIQ following this public disclose revealed that the website, HawksShop.com, had been compromised far longer than that.
"The first time we detected skimming code on the website was June 6th of 2017, RiskIQ threat researcher Yonathan Klijnsma, Threat Researcher told SC Media. "The compromise wasn’t targeted however, it was one aimed at hundreds of websites at the same time."
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.