US Retailer Hanna Andersson Hacked to Steal Credit Cards
Hanna Andersson has publicly disclosed that its website was hacked and malicious code was used to stead customers’ payment information for almost two months. The US children’s clothing company was hit by Magecart, an attack in which threat actors hack into vulnerable e-commerce platforms. The attack used web skimmers to collect consumers’ information, subsequently sending it to attacker-controlled remote sites.
Email notifications were sent out to customers, stating that Hanna Andersson was informed by law enforcement agencies that the credit cards used to purchase items from the company were available for purchase on a dark web site. An ensuing investigation confirmed that the skimmers were used during the months of September, October, and November.