Fashion Site Sixth June Leaking Card Data to Magecart Hackers

Apparel site Sixth June has become the latest brand to suffer a digital skimming attack on its website, according to a security researcher.

RapidSpike systems developer and researcher “Jenkins” took to Twitter yesterday to claim the firm had a live Magecart payment skimmer actively stealing customer card details.

“We reported the hack to their CEO last week but have not yet received a response,” he added, posting screenshots of the malicious JavaScript.

The Paris-based fashion retailer is said to have hundreds of thousands of social media followers, with its designs sold through ASOS, USC and other outlets.

The incident calls to mind an alert raised by another security researcher late last week. Willem de Groot from Sanguine Security claimed that Procter & Gamble’s First Aid Beauty brand had been infected with a payment skimmer since May 5.

This attack is more sophisticated than usual: the malicious code does not activate for non-US visitors, or for users running Linux, as many researchers do, he explained.
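Conditional activation of this kind defeats a single scan from a researcher's workstation, so one defensive check is to capture the same checkout page under several client profiles (for example a Linux browser from a non-US address and a Windows browser from a US address) and diff the scripts each profile received. The following Python is an added example written for this article; it is not code from RapidSpike, Sanguine Security or either retailer. The two page captures are constructed inline, and the `.invalid` hostnames are placeholders rather than real domains; in practice the captures would come from a synthetic monitor that fetches the page under each profile.

```python
import hashlib
from html.parser import HTMLParser


class ScriptInventory(HTMLParser):
    """Collect external script URLs and SHA-256 hashes of inline scripts from one page capture."""

    def __init__(self):
        super().__init__()
        self.external = set()   # values of <script src="...">
        self.inline = set()     # sha256 of each inline <script> body
        self._in_inline = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.add(src.strip())
        else:
            self._in_inline = True
            self._buf = []

    def handle_data(self, data):
        # html.parser delivers <script> bodies as raw data, so this collects the inline code.
        if self._in_inline:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._in_inline:
            body = "".join(self._buf).strip()
            if body:
                self.inline.add(hashlib.sha256(body.encode("utf-8")).hexdigest())
            self._in_inline = False


def inventory(html):
    """Return the set of external script URLs and inline-script hashes on a page capture."""
    parser = ScriptInventory()
    parser.feed(html)
    parser.close()
    return {"external": parser.external, "inline": parser.inline}


def find_conditional_scripts(baseline_html, probe_html):
    """Diff two captures of the same page; scripts present under only one profile are suspects."""
    base, probe = inventory(baseline_html), inventory(probe_html)
    return {
        "external_only_in_probe": sorted(probe["external"] - base["external"]),
        "external_only_in_baseline": sorted(base["external"] - probe["external"]),
        "inline_only_in_probe": sorted(probe["inline"] - base["inline"]),
        "inline_only_in_baseline": sorted(base["inline"] - probe["inline"]),
    }


def has_conditional_scripts(baseline_html, probe_html):
    """True when any script is served to one client profile but not the other."""
    return any(find_conditional_scripts(baseline_html, probe_html).values())


# Constructed sample captures (not real retailer pages): the same checkout page as
# served to a Linux browser outside the US and to a Windows browser inside the US.
CAPTURE_LINUX_EU = """
<html><head>
<script src="https://shop.example.invalid/static/app.js"></script>
<script>window.cartTotal = 42;</script>
</head><body><form id="checkout"></form></body></html>
"""

CAPTURE_WINDOWS_US = """
<html><head>
<script src="https://shop.example.invalid/static/app.js"></script>
<script>window.cartTotal = 42;</script>
<script src="https://cdn.example-thirdparty.invalid/checkout-helper.js"></script>
<script>window.__t = Date.now();</script>
</head><body><form id="checkout"></form></body></html>
"""

if __name__ == "__main__":
    for key, value in find_conditional_scripts(CAPTURE_LINUX_EU, CAPTURE_WINDOWS_US).items():
        print(f"{key}: {value}")
```

A script that appears only under the US/Windows profile is not proof of a skimmer, since legitimate tag managers also vary by region, but it is exactly the kind of difference a single-profile scan would miss, and each flagged URL or inline hash can then be reviewed against the site's known script inventory.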

“I reported the breach to their executives and support team last week, but have yet to receive a reply,” de Groot tweeted last Friday. “FirstAidBeauty was bought last year for $250M. P&G decided to not integrate their new acquisition, which they may regret now.”

Yossi Naar, co-founder of Cybereason, said the Magecart incidents are a “stark reminder” that breaches will always happen.

“In an attempt to at least level the playing field, companies need to immediately pay more attention to post-breach detection and mitigation and assume they will be breached and start protecting their data accordingly,” he added. “A few simple steps include encrypting all data that is deemed sensitive, limiting employee access to networks and reducing large collections of data in widely accessible systems.”

Online brands would be well-advised to get a handle on Magecart: BA was famously fined £183 million for security failings which led to the skimming of card data from around 500,000 customers.