International retailer Claire’s, whose fashion accessories are popular with tweens and teenagers, was hit with a Magecart scheme that skimmed PPI, including credit card data, for nearly two months.

Discovered by researchers at security firm Sansec, the malware injection began on April 20 and stopped on June 13. The skimming began on March 20, the day after the retailers closed all its 3,000 stores. An anonymous party reserved the claires-assets.com URL that ultimately unleashed the attack, whose financial damage is unknown, on a server hosted on the Salesforce Commerce Cloud, previously known as Demandware.

On June 12, Sansec informed Claire’s of its discovery, and the retailer took immediate action to investigate and address the breach by removing the code and taking additional measures to reinforce the security of the e-commerce platform.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.