Magento reveals increase credit card hacks

Written December 18, 2015 • Steve Perry

The Fagins of this world seem to get smarter by the day. You know this. There will always be someone who wants what you have and they will find innovative ways of getting it.

This is especially true online. Over 3,500 sites have discovered that credit card details were stolen, with issues as far back as May 2015. This is not just the small shops; some high profile businesses were also targeted.

The assumption is often that you are only at risk at the checkout. However, MageReport released a security warning to developers that there have been new attacks through browsers, whether the checkouts were encrypted or not. They found that when a customer typed their card details into a form on a compromised site, the malware lurked beneath the surface of the CMS database like a spider under the sofa. It would then snatch a copy as the form passed through prior to encryption.

The JavaScript code responsible can run on any e-commerce site, not just Magento, if it hasn’t been well protected. Without the correct patches in place, you are at risk of being exploited by hackers and your customers are the ones who will suffer for it.

The quickest way to check is to have your shop scanned by MageReport. MageReport is a free tool that looks for threats and problems with Magento sites. If there is anything of concern, run it by your current website developer to fix for you, or send me a message if you want to discuss this further.

If you require any more information, or would like to enquire about website maintenance packages, feel free to send me an email at ideas@steveperrycreative.com, call on +44 (0)7773 429068, or follow me on social media for bite-sized updates on Twitter @stevemarkperry