This could be the most expensive data breach ever
An online precious metals trader has reported that it has been the victim of a significant data breach.
JM Bullion, which sells gold, silver, copper, platinum and palladium, fell victim to a cyber attack in February that was only discovered in July. It remains unclear why the hack has only just been made public.
Known as MageCart, this type of attack works by placing lines of malicious JavaScript code on a website. Then when a person enters payment information, the code redirects it to a remote server managed by the hacker.
“On July 6, 2020, JM Bullion was made aware of suspicious activity on its website. JM Bullion immediately initiated an investigation, with the assistance of an outside forensic specialist, to assess the nature and extent of the incident,” said a report. to JM Bullion customers.
“Through an investigation, it was determined that from February 18, 2020 to July 17, 2020, malicious code was present on the website, providing the ability to capture customer information entered on the website in limited scenarios while making a purchase . “
Five months
This breach could have resulted in hugely sensitive information, including customer names, addresses and even payment information, falling into the wrong hands. The malicious code was only removed from the JM Bullion website on July 17th – meaning it was around for a whopping five months.
Law enforcement officials have been notified of the breach, and anyone who purchased items from the JM Bullion website between February 18 and July 17 has been advised to check their bank statements for fraudulent activity.
While there have been no reports of malicious activity as a result of the hack so far, JM Bullion posted sales of more than $ 3 billion in the past eight years. If cyber attackers use ill-gotten credentials to carry out fraudulent activities, it can become a hugely costly data breach for the company and its customers.
Through Bleep computer
The post This could be the most expensive data breach ever appeared first on WhatsNew2Day.