An e-skimmer placed on the Procter & Gamble–owned First Aid Beauty site to steal payment card data went undetected for five months.

Dark Reading Staff, Dark Reading

October 26, 2019

1 Min Read

An online beauty store owned by Procter & Gamble was compromised by Magecart in May in a campaign that only ended today. First Aid Beauty, a site purchased by P&G earlier this year, went offline following notification of the attack from security researcher Willem de Groot.

First Aid Beauty used the Magento e-commerce platform, which patched 56 security vulnerabilities earlier in October. In the heavily obfuscated attack code, de Groot says, the criminals selected specifically for US customers and remained dormant when a user connected from a Linux system.

The malicious code captured included card number, expiration date, card owner name, and CVV code — everything required for a "card not present" credit card transaction.

For more, read here.

 

Virtual.Event-Fall19-380x50_DRVE.jpg

This free, all-day online conference offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. Click for more information and, to register, here.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights