Hackers Take Advantage of COVID-19 Closures to Launch Claire’s Data Breach

Jun 18, 2020 | Internet Scam & Alerts




ITRC_SS_claires_1061314235 Hackers Take Advantage of COVID-19 Closures to Launch Claire’s Data Breach

A Claire’s data breach has some affected consumers looking for next steps. The popular jewelry and accessories retailer Claire’s, and its sister-company Icing, suffered a data breach of customers’ payment card details in an event that is believed to be the work of a Magecart attack. Magecart attacks are typically initiated by hackers using malware to insert harmful code into the company’s website. Once the hackers’ own code is in place within the website’s existing code, it can then be used to glean information that is entered during the checkout process without any change to the transaction process.

In the Claire’s data breach, the Magecart attack began skimming payment card information from the retailer’s website around April 20 but may have been inserted as early as March 20, the day after Claire’s physical locations were closed due to COVID-19. With the increase in online traffic from store closings and the reduced workforce available to oversee any possible threats, hackers were able to steal transaction details. The company is still investigating but has already said that no in-store transactions leading up to these dates were compromised.

Claire’s was informed of the breach by security researchers at Sansec; the company immediately shut down its site and removed the malicious code, as well as implemented additional measures to reinforce the security of their platform. Anyone who may have made an online transaction between April 25 and June 13 should consider proactive steps, such as contacting their financial institutions to cancel their payment cards and request new ones. They should also change their usernames and passwords on their Claire’s or Icing online account, as well as any other accounts that may use those same login credentials. Finally, consumers who may have been affected by the Claire’s data breach should know that copies of credit reports from each of the three major credit reporting agencies are free every week until April 2021; a credit report can help consumers monitor their information for suspicious activity in order to report it.

Victims of the Claire’s data breach or any other data compromise event can also live-chat with an Identity Theft Resource Center expert advisor or contact one by calling toll-free at 888.400.5530. Advisors will help victims create an action plan that is tailored to their needs. They can also download the free ID Theft Help App for iOS and Android for access to a case log, resources, advisors and much more.


You might also like…

U.S. MARSHALS SERVICE DATA BREACH EXPOSES IDENTITIES OF 387,000 PRISONERS

BOMBAS, COLUMBIA COLLEGE OF CHICAGO AND ST. JOSEPH’S HEALTH SYSTEM DATA BREACHES AMONG LATEST WEEK OF COMPROMISES

YEARS OF FORMJACKING LEADS TO BOMBAS DATA BREACH

WordPress Development

SEO NEWS

seo news

We’re listening.

Have something to say about this article? Share it with us on Facebook, Twitter or LinkedIn:

SHARE IT HERE:

Subscribe ToThe Weekly SEO Trade News Updates

Get the latest SEO, SEM and SMM marketing intel, tips and tricks from one of the best SEO Gurus online. 

Every Tuesday morning we send out an aggregated email listing all new posts on SEO Trade News.

Excellent! Now check your email to confirm your subscription.