The large-scale automated hacking attack against Adobe Magento serves as a reminder to update your software when new security updates are available. The software platform allows retailers to create an online store front and conduct sales. Out of the nearly 2,000 online stores that fell victim to the credit card skimming script, a majority were still using Magento version 1. Since security updates stopped for Magento 1 in June 2020, it is suggested that all users upgrade to Magento 2 for increased security.
The attack was believed to have started on Friday, 9/11, when malicious JavaScript code was implemented into the system. Over the weekend and into Monday the JavaScript spread to other retailers compromising the credit card information of thousands of customers. Experts are currently unable to identify how this attack is being carried out, but some believe that it originated in a hacker forum when information was being sold between threat actors. The attack is still under investigation.
Learn more about this attack and how your business can stay safe here.