Sotheby’s, an American multinational corporation and Auction House has become another victim of Magecart attack after hackers gained access to Sotheby’s home website and inserted a card-skimming code aiming at customers’ credit card and banking data.
Although Sotheby’s detected the intrusion on 10th October 2018 the malware was present on its website and stealing personal and financial data of customers since March 2017. It is noteworthy that Sotheby’s home website was previously known as Viyet.com which the company bought in February 2018.
It is unclear how many customers have been impacted by the breach nevertheless, if you have shopped on Sotheby’s Home lately you might be a victim of Magecart attack through their website. As for the stolen data, the company believes it involves names, physical addresses, email addresses, payment card numbers along with their CVV codes and expiration dates.
“We cannot be certain as to when the website was first victimized by this attack.” said the company.
“The detected vulnerability may have, in Sotheby’s benefit, been the result of what has been reported as sabotage between factions of Magecart. Given the reporting is that they detected an unknown party on October 10 accessing and inserting malicious code, yet they also indicated that the malware was present at least as far back as March 2017. It is possible that the new breach initiated a careful audit that discovered the resident malware that was stealing data since early 2017,” said Carter.
Sotheby’s Home breach came just days after Marriott hotel data breach in which personal and financial data of 500 million guests was stolen. However, worse for Sotheby’s is about to come in the shape of outrage and GDPR fine.
Note: The IT security firm RiskIQ has profiled the six leading Magecart groups along with notable related unclassified threat groups, highlighting their skimmers, tactics, targets, and what makes them unique.
“Magecart is an umbrella term given to at least seven cybercrime groups, are placing digital credit card skimmers on compromised e-commerce sites at an unprecedented rate and with frightening success, RiskIQ”
Image credit: DepositPhotos