Exploit: Malware attack
Páramo: Clothing retailer
Risk to Small Business: 1.755 = Severe
Card-skimming malware was active on Páramo’s online store for more than eight months before the retailer identified and eradicated the malicious code. Specifically, the malware redirected shoppers’ card information through a PayPal plugin. The information was forwarded to hackers who could use the data to commit financial fraud. This attack was especially difficult to detect, underscoring the importance of actively securing the online checkout process against bad actors.
Individual Risk: 1.992 = Severe
The card-skimming malware collected shoppers’ names, addresses, card numbers, and CVV codes. This information can be used in a variety of financial crimes, and victims should immediately report the breach to their financial institutions. Also, they should enroll in a credit monitoring service that can help ensure the long-term integrity of their personal and financial data.
Customers Impacted: 3,743
How it Could Affect Your Customers’ Business: Online shopping has surged since the COVID-19 pandemic, presenting an opportunity for retailers to recoup some of the losses from diminished foot traffic. However, while shoppers are spending more money online than ever before, they are also more willing to walk away from retail outlets that can’t protect their information. Card-skimming malware is a real threat to the checkout process, and it’s one of many cybersecurity concerns that businesses looking to capitalize on their online stores need to consider.
Source:
https://www.theregister.com/2020/05/19/paramo_hack_magecart/?&web_view=true