In brief: Online retailers are a high-value target for hackers looking to steal customers' data, and a recent breach could prove particularly lucrative for the perpetrators. The victim was JM Bullion, a seller of precious metals.
First reported by Bleeping Computer, the online retailer sells gold, silver, copper, platinum, and palladium products, such as coins and bullion. Its website was compromised in February when hackers inserted malicious JavaScript code that sends submitted payment information to a remote server operated by the criminals.
"On July 6, 2020, JM Bullion was alerted to suspicious activity on its website. JM Bullion immediately began an investigation, with the assistance of a third-party forensic specialist, to assess the nature and scope of the incident," the company wrote in a 'Notice of Data Security Incident' sent to customers.
"Through an investigation, it was determined that malicious code was present on the website from February 18, 2020 to July 17, 2020, which had the ability to capture customer information entered into the website in limited scenarios while making a purchase."
JM Bullion has notified law enforcement about the breach and advises any customers who purchased items from the website between February 18 and July 17 to monitor their bank statements for suspicious activity.
These types of attacks, known as MageCart, have been growing in popularity in recent times. A report last year revealed that more than 17,000 websites, including Newegg, Quest Diagnostics, and British Airways, may have had credit card skimmers injected into their payment screens. The breach on fashion giant Macy's last October was a MageCart attack.
It's easy to understand why hackers would target a website with such affluent customers---JM Bullion lists many items reaching into tens of thousands of dollars. How much they managed to steal remains unclear.
Image credit: Misunseo