Exploit: Skimming (Magecart)
JM Bullion: Precious Metals Dealer
Risk to Small Business: 1.772 = Severe
This Texas precious metals trader discovered that someone was cashing in on their clients’ transactions and it wasn’t them. In a recent regulatory filing, the company disclosed that malicious payment skimming code was present and active on their website from February 18, 2020, to July 17, 2020.
Individual Risk: 1.624 = Severe
The information stolen in this attack includes customers’ names, addresses, and payment card information, including the account number, expiration date, and security codes. Customers should be alert to potential identity theft and spear phishing attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Failing to notice a payment card skimmer operating on your site for 6 months does not speak well to your company’s commitment to keeping client data secure.