According to Help Net Security, the attack of Claire’s online store has been flagged by Sansec researchers. According to them, the skimmer was distributed from a domain made to look like it might belong to the company (claires-assets.com). Moreover, it has been reported that the domain was added between 25-30 April 2020.
Although it is still unknown how the attackers managed to compromise the online shops, it appears that they might have started planning the attack a month before executing it. Besides, they registered the malicious domain a day after Claire’s announced it will temporarily close all of its brick and mortar stores due to the COVID-19 pandemic.
Regarding Intersport’s case, ESET researchers have reported that the attack of Intersport’s web store was discovered and fixed within several hours of ESET letting them know. Furthermore, Intersport made a statement on 17 June 2020, revealing that a code that had the purpose of scanning payment card data was installed on their websites. However, no payment card information was intercepted, as online card payments are processed through the independent WSPay payment platform, which was not affected by the malicious code.
The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.
The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.
Current themes
No part of this site can be reproduced without explicit permission of The Paypers (v2.7).
Privacy Policy / Cookie Statement
Copyright