Latest Threat Research: Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks

Get Informed


Active Network Suffers Data Breach

Blue Bear, a software platform provided by Active Network, was breached recently. Blue Bear helps schools manage accounting, student fees, and online stores related to schools. Any parents or guardians who logged in to school web stores that use Blue Bear from October 1st, 2019 through November 13th, 2019 may have had personal information such as name, payment card number, payment card expiration date, payment card security code, and store username and password accessed by hackers. Investigations so far indicate that this could be a Magecart-style attack. A law firm based out of Tulsa is looking into the incident and are asking potential victims to contact them regarding a class action lawsuit.

Analyst Notes

Magecart style attacks, also called “E-skimming,” have become very popular with threat actors to steal payment card information from websites. This type of attack requires attackers to change JavaScript files that are part of the affected website. Organizations that operate websites requiring online payments should closely monitor the checkout pages of their website for any unexpected changes to JavaScript files included on the checkout pages. When entering payment information on a website, it is safest to use a payment system such as PayPal that does not reveal the payment card number directly. Some banks offer the option to use virtual credit cards for online payments that can only be used for transactions with a designated merchant and prevent fraudulent use of the virtual card number. If that is not an option, it is recommended to use a credit card instead of a debit card, so that any fraud on the card does not result in money being directly debited from an attached checking account. Always pay attention to charges on statements or sign up for text alerts to quickly spot fraudulent transactions on a credit card and report fraud to the issuing bank. If a frequented site has been affected by a Magecart style of attack, the credit card used on that site should be canceled immediately.