When you conduct a transaction online, this information includes your credentials for financial services such as PayPal or credit card information including card numbers, expiry dates, and security codes. Magecart is a malware framework intended to steal credit card information from compromised eCommerce websites. It is generally not possible to avoid by the average consumer as they take place on vulnerable e-commerce websites with code injected into payment portals to skim and steal card data input by customers. Past victims of Magecart groups include British Airways, Newegg, Macy’s, Ticketmaster, and Boom! Mobile.

Cybercriminals who steal financial service credentials through phishing and fraudulent websites, who eavesdrop on your transactions through Man-in-The-Middle (MiTM) attacks, or who utilize card-skimming malware can steal these details when they are not secured. Once this information has been obtained, unauthorized transactions can be made, clone credit cards can be created, or this data may be sold to others on the Dark Web.

When it comes to Magecart attacks, everyone is at risk. No industries are spared, and the Magecart victim list reads like a who’s who of some of the world’s leading brands. Magecart attacks target all kinds of businesses of all sizes and segments, and with increasingly complex methods.

Let’s have a look at some high-profile examples:

1. One of the giant spikes in Magecart attacks came in 2018 when Ticketmaster announced that payment information had been stolen from their websites. The breach resulted from Magecart operatives placing skimmers on checkout pages through third-party suppliers. They also attacked third parties themselves, which gave the scammers access to over 800 e-commerce sites.

2. Websites of 8 US cities were compromised by Magecart card detail-skimming software. The skimmers targeted payments made through Click2Gov (a self-service portal used to pay utility bills and parking fees). In this case, attackers were collecting credit card details along with names and contact addresses.

3. In February 2020, Magecart Group 8 had placed a JavaScript skimmer on NutriBullet’s international website to steal credit card information. Despite efforts to remove the skimming code, new versions kept appearing, compromising the site for almost a whole month.

4. Airline giant British Airways was targeted by a Magecart attack in 2018, and the data of nearly 400,000 customers was breached. The Magecart attack affected payments on the main site and mobile app between August 21st, 2018, and September 5th, 2018. As a result, British Airways had to pay a record-high £183m GDPR fine after failing to prevent the attack.

5. Magecart has also targeted the magazine industry with an attack on Forbes. This time, attackers injected web-skimming scripts into the subscription website for the Forbes print magazine. Customers thought they were signing up to get Forbes delivered to their door but were instead delivering their sensitive information straight into the hands of hackers.

This is just a handful of examples that illustrate the extent and potential devastation of a Magecart attack. And with the increase in online shopping, they’re showing no signs of slowing down. Luckily, ProtectIQ can help give you the peace of mind of knowing you have an extra line of defense against malware and intrusions.


Cumberland Connect subscribers can add a secret weapon to their cybersecurity arsenal: ProtectIQ Network Security. With ProtectIQ™, you can have an extra layer of network-level security that helps protect all devices connected to your network. ProtectIQ is a network-level security application, included in the Peace of Mind Package, that works quietly in the background and proactively helps keep malicious websites, viruses, and intrusion away from your home 24/7/365. Learn more about ProtectIQ and the other great benefits of enrolling in the Peace of Mind Package by clicking here.


We want you to have an awesome experience online — and that means keeping your personal information safe and protected! We hope that spreading awareness and sharing these safety tips helps you stay safe online — and be sure to check out our blog to read more about common online scams to watch out for.


*ProtectIQ is not a replacement for traditional antivirus software, but rather, works together with your antivirus software by ensuring that Internet-connected devices like video cameras, Smart TVs, home automation systems, video doorbells, or any other “smart” devices in your home are monitored for web threats and intrusions. While ProtectIQ adds an extra layer of security to your Wi-Fi network, ProtectIQ is not a substitute for antivirus software, and our team recommends keeping anti-virus software as an add-on to ProtectIQ as it can help clean up any systems that are infected.


Connecting You to Your Best Life