Cyber hackers have attacked the websites of over 4,000 online shops, attempting to steal payment information and other personal information from customers. The National Cyber Security Centre (NCSC) has discovered a total of 4,151 retailers that have been hacked by hackers seeking to reroute money and steal personal information by exploiting vulnerabilities on checkout sites.
Most online stores targeted for payment-skimming attacks were affected by known vulnerabilities in the Magento e-commerce platform. Small and medium-sized organizations are the majority of those affected and informed of the hacks and risks.
Prior to Black Friday, the NCSC published the number of firms it had warned about client data theft. It asks all retailers to make sure their websites are safe ahead of the year’s busiest online shopping season to protect their businesses and consumers from cyber thieves.
One of the essential things online retailers can do to help avoid payment and personal data theft is to install security patches that prevent cyber thieves from exploiting known vulnerabilities in Magento and other software.
The NCSC’s and British Retail Consortium’s Cyber Resliance Toolkit For Retail recommends several items, including prompt security patches. Although this kit was published in October 2020, the advice on keeping websites safe from cyberattacks is still applicable today.
The NCSC’s Active Cyber Defence program, which has been scanning for vulnerabilities that might affect online retailers since April 2020, detected hacked e-commerce websites. The NCSC has also issued a reminder to customers on how to purchase safely online. The recommendations include being careful about where you buy, only providing relevant information, using a secure payment system, and keeping your online accounts safe.