Online Gold Bullion Seller Hacked By The Attackers Customer Data At Risk

gold price
According to a recent report and online gold bullion and precious metals seller ‘JM Bullion’, has been hacked by the attackers.

First reported by Bleeping Computer, and TechSpot, the online retailer sells gold, silver, copper, platinum, and palladium products, such as coins and bullion. The company’s website was initially compromised in February when hackers inserted malicious JavaScript code that sends submitted payment information to a remote server operated by the attackers.

“On July 6, 2020, JM Bullion was informed about the suspicious activity on its website. JM Bullion immediately began an investigation, with the help of a third-party forensic specialist, to assess the nature and scope of the incident,” the company wrote in a ‘Notice of Data Security Incident’ sent to customers.

Interesting: Hackers Intruded Many State Agencies In Washington

“Through an investigation, it was determined that malicious code remained at the website from February 18, 2020, to July 17, 2020, that code had the ability to gather customer information entered into the website in limited scenarios while making a purchase.”

JM Bullion has notified law enforcement about the breach and advises any customers who purchased items from the website between February 18 and July 17 to monitor their bank statements for suspicious activity.

These types of attacks, known as MageCart, have been growing in popularity in recent times. A report last year revealed that more than 17,000 websites, including Newegg, Quest Diagnostics, and British Airways, may have had credit card skimmers injected into their payment screens. The breach on fashion giant Macy’s last October was a MageCart attack.

It is not a surprise why hackers would target a website with such affluent customers—JM Bullion lists many items reaching into tens of thousands of dollars. How the information was gathered and how much the criminals managed to steal is still unclear.