Puma’s website hit by malware which “skims” credit card details and addresses
Puma’s Australian website has been hit by the notorious hacking organisation known as Magecart after credit card skimming software was detected.
According to CNET, security researcher Willem de Groot found suspicious hidden code on the website which “skimmed” customers credit card details, names and addresses during the checkout process, and subsequently sent them to a data server registered in Ukraine.
De Groot reportedly informed Puma of the hidden malware but has yet to receive a response from the company.
The skimming software found was the same used by Magecart, a massive hacking operation made up of multiple groups which use the same malware and techniques to target vulnerable websites.
Magecart specifically targets online retailers, and has previously attacked British Airways, TicketMaster, Newegg, Feedify, Shopper Approved and a raft of smaller independent retailers.
This comes as Hiscox’s third Cyber Readiness Report found that the number of companies reporting cyber attacks rose from 45 per cent to 61 per cent last year.
Not only have attacks become more frequent but the amount of losses related to the attacks has risen 61 per cent on average, from $229,000 to $369,000, with medium to large firms bearing a disproportionate amount of the cost.