Credit Cards Stolen in Magecart Weekend Attack Affecting 300 Schools
Cybercriminals stole payment card numbers in a weekend Magecart attack on Wisepay. The attackers set up a spoof website to trick Wisepay users into entering in payment card information into a fake payment portal.
About 300 schools were impacted by the Wisepay Magecart cyberattack. The company provides a web payment portal to schools so they can collect money for meals, trips, sporting events, and other bookings.
Magecart is a type of malware used to steal credit cards from eCommerce websites. Magecart cyber criminals inject computer code into websites. The malware lives on the website and quietly steals sensitive information including payment cards unbeknownst to the website owner or the website user. Magecart is not associated with anyone hacking group.
The attackers used URL manipulation to send parents from Wisepay to a spoofed payment card processing web page. If the user entered in their credit card information and details on this spoof web page, the payment card information was sent immediately to the hackers.
Wisepay is an online, web-based payment portal used by schools. It lets parents, students, and others deposit money for students to use at schools for meals and other expenses. The company does not retain any sensitive data like payment card numbers.
Wisepay does not collect and process payment cards on behalf of the schools. The company acts as a gateway between schools and parents and pass along the payment card processing to Sagepay, according to the report in The Register.
The attack began on 2 October and was stopped on 5 October when Wisepay staff noticed it. Attackers often launch cyberattacks on weekends when IT staff is most likely at its lowest. Wisepay took its website offline after they learned about the attack. The website’s ‘down for maintenance’ notice is removed, and the web service is back online now
The UK Information Commissioner’s Office was notified of the data breach incident. Wisepay Is working with a third-party service to investigate the cyber attack.
Read more about Magecart
Wisepay Cyberattack – How Do I Protect My Money?
People impacted by the Wisepay data breach have already been contacted. If you suspect that
- Check your bank for suspicious activity
- If you paid by credit card, check your monthly statement for any fraudulent charges
- Set up identity theft and fraud alert monitoring to protect your information and money
- Check your credit report for any accounts that you do not own
- Monitor your credit limits. Sometimes hackers raise credit limits on existing accounts rather than open new ones