Since April 10, eight cities in three states using the Click2Gov web-based platform to collect payments for services have been hit with Magecart card-skimming attacks that still appear active.
Credit card information including card number, expiration date and CVV, as well as personal information such as name and contact address, were being exfiltrated from the municipalities, which were not named, according to a TrendMicro blog post.
However, five of the eight cities were also victims in Click2Gov attacks in 2018 and two of them had been skimmed in a similar 2019 attack.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.