Ticketmaster breach was part of a larger credit card skimming effort, analysis shows
A recent breach at Ticketmaster was just "the tip of the iceberg" of a wider, massive credit card skimming operation, new research has found. At least 800 e-commerce sites are said to be affected, after they included code developed by third-party companies and later altered by hackers, according to security firm RiskIQ.
Yonathan Klijnsma, a threat researcher at RiskIQ, said Magecart has a larger reach "than any other credit card breach to date, and isn't stopping any day soon." By targeting each third-party code supplier, the hackers can in some cases get "nearly 10,000 victims instantly," the research said.
Cast your mind back to last week's Ticketmaster breach. The ticket-selling giant admitted that some customers had their payment data compromised because its website was running code from Inbenta, a customer support software company, which hackers had altered.
It's not uncommon for websites to rely on third-party code, hosted on other sites and services, to support their own. But that code presents a single point of failure, which, if breached, can affect every site that the code is loaded on.
Klijnsma said that it wasn't clear how each company was compromised. With so many companies affected, a co-ordinated disclosure was impossible, he said. But he said the Magecart threat group "extends well beyond Ticketmaster," and that the research had discovered close to 100 top-tier sites, like large brands and online shops, though he did not name any specific companies. "Personally I don't trust a single online store anymore," he said.