The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform.
According to a joint report published by RiskIQ and FlashPoint in 2019, some groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated.
Millions of Magecart instances were detected over time, security experts discovered tens of software skimming scripts.
In a report recently published by
Hanna Andersson started informing its customers via email, the company was informed by law enforcement on December 5 that data
The company immediately launched an investigation that revealed that a third-party
While Hanna Andersson’s investigation into the security incident revealed that no all of the customers who paid using their payment cards through the Salesforce Commerce Cloud (previously known as Demandware), it was not able to pinpoint the ones who were.
“The incident potentially involved information submitted during the final purchase process on our website, www.hannaandersson.com, including name, shipping address, billing address, payment card number, CVV code, and expiration date,” reads a notice issued by the company.
“We have taken steps to re-secure the online purchasing platform on our website and to further harden it against compromise. In addition, we have retained forensic experts to investigate the incident and are cooperating with law enforcement and the payment card brands in their investigation of and response to the incident.”
The company sanitized its e-commerce platform and declared to have implemented additional
The retailer is offering MyIDCare identity theft protection services through ID Experts, it includes 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed id theft recovery services.