The US-based children’s clothing maker and online retailer Hanna Andersson discloses a data breach, attackers planted an e-skimmer on its e-commerce platform.
According to a joint report published by RiskIQ and FlashPoint in 2019, some groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated.
Millions of Magecart instances were detected over time, security experts discovered tens of software skimming scripts.
In a report recently published by
Hanna Andersson started informing its customers via email, the company was informed by law enforcement on December 5 that data
The company immediately launched an investigation that revealed that a third-party
While Hanna Andersson’s investigation into the security incident revealed that no all of the customers who paid using their payment cards through the Salesforce Commerce Cloud (previously known as Demandware), it was not able to pinpoint the ones who were.
“The incident potentially involved information submitted during the final purchase process on our website, www.hannaandersson.com, including name, shipping address, billing address, payment card number, CVV code, and expiration date,” reads a notice issued by the company.
“We have taken steps to re-secure the online purchasing platform on our website and to further harden it against compromise. In addition, we have retained forensic experts to investigate the incident and are cooperating with law enforcement and the payment card brands in their investigation of and response to the incident.”
The company sanitized its e-commerce platform and declared to have implemented additional
The retailer is offering MyIDCare identity theft protection services through ID Experts, it includes 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed id theft recovery services.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.