Exploit: Malware attack

Natonic: Health and beauty product retailer

Risk to Small Business: 1.777 = Severe

Security researchers have identified payment skimming malware on Natonic’s online store. The script appears to be related to MageCart, a prominent hacking group that steals customers’ personal and financial data by injecting malware into online stores. Although security researchers confirmed that the script is no longer active on Natonic’s webstore, the attack could have costly implications for the retailer – consumers may be less likely to shop with an online retailer with a history of data security issues.

Individual Risk: 2 = Severe

Payment skimming malware tricks customers into entering their payment information at checkout then sends that information to the cybercriminals instead of the retailer. While it’s unclear what information was compromised in this breach, shoppers should assume that any information entered on the webstore could be impacted. Users should notify their financial institutions of the breach while taking additional steps to secure their accounts and personal details.

Customers Impacted: Unknown

How it Could Affect Your Customers’ Business: Customers are aware that online transactions can be risky. They count on the companies that they do business with to help keep their personal and financial data secure. For companies that rely on online sales to drive revenue, data security has to be a top priority. The fallout from customer dissatisfaction caused by a data breach can badly damage a company’s reputation and significantly harm their ability to compete in today’s digital environment.

Source:
https://www.bleepingcomputer.com/news/security/credit-card-skimmer-found-on-nine-sites-researchers-ignored/