https://www.bankinfosecurity.com/precious-metal-trader-jm-bullion-admits-to-data-breach-a-15294
Exploit: Skimming (Magecart)
JM Bullion: Precious Metals Dealer
Risk to Small Business: 1.772 = Severe This Texas precious metals trader discovered that someone was cashing in on their clients’ transactions and it wasn’t them. In a recent regulatory filing, the company disclosed that malicious payment skimming code was present and active on their website from February 18, 2020, to July 17, 2020.
Individual Risk: 1.624 = Severe The information stolen in this attack includes customers’ names, addresses, and payment card information, including the account number, expiration date, and security codes. Customers should be alert to potential identity theft and spear phishing attempts.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Failing to notice a payment card skimmer operating on your site for 6 months does not speak well to your company’s commitment to keeping client data secure.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.