Magecart Mayhem Continues in OXO BreachMagecart Mayhem Continues in OXO Breach
The home goods company confirmed users' data may have been compromised during multiple time frames over a two-year period.
January 9, 2019
OXO International, a US-based manufacturer of kitchen utensils and home goods, reported a data breach spanning two years that experts say appears to be a Magecart attack.
The company is notifying customers of a data security incident "involving sophisticated criminal activity" that may have compromised their personal data. It believes unauthorized code may have granted adversaries access to names, billing and shipping addresses, and credit card info.
In December 2018, OXO worked with forensic investigators to confirm the security of personal data entered on its website may have been exposed. It claims the windows of compromise include June 9, 2017, through November 28, 2017; June 8-9, 2018; and July 20, 2018, through October 16, 2018. Upon discovering the intruders' code, OXO worked with security consultants to investigate the incident and determine the next steps to prevent similar types of attacks in the future, officials report in a letter.
Additional evidence and further analysis identified past website vulnerabilities. OXO investigated the malicious code, removed it, conducted system scans, and reissued access credentials. It is also providing identity monitoring to customers for one year via Kroll. Qualifying members are being sent an ID by OXO they can use to access the free service.
A closer look at the breach by BleepingComputer shows this is likely a Magecart attack. Magecart, an umbrella term for at least seven cybercriminal groups, has been gaining notoriety for stealing financial data by installing digital credit card skimmers onto e-commerce sites. Attackers implement code into a target site's checkout page to lift data that customers enter. As the report explains, at least one of the OXO breaches was a Magecart attack to steal information.
Magecart's victims have expanded from consumers to globally known brands, including Ticketmaster, British Airways, and Newegg.
Read more details here.
About the Author(s)
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023