Exploit: Malware (Magecart)
Warner Music: Entertainment Company
Risk to Small Business: 2.307 = Severe In a just disclosed breach, Magecart skimming was in action at Warner Music from April 25 and August 5. Warner Music said hackers compromised “a number of US-based e-commerce sites” that were “hosted and supported by an external service provider.” The details that the cybercriminals checked out with include names, email addresses, telephone numbers, billing addresses, shipping addresses, and payment card details (card number, CVC/CVV and expiration date) for account holders and guests who placed items into shopping carts or made purchases in that timeframe.
Individual Risk: 2.297 = Severe The company did not specify in its filing exactly which parts of it’s retail operations were impacted. Warner Music is offering free credit monitoring through Kroll for victims.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Skimmers like Magecart are a result of hackers gaining access to parts of a website, often by compromising the weak credentials of a privileged account. Improving credential security is a must for strong cybersecurity.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
