Latest Threat Research: Technical Analysis: Killer Ultra Malware Targeting EDR Products in Ransomware Attacks

Get Informed


Michigan State University E-Skimming Attack

Michigan State University is the latest victim of e-skimming. MSU disclosed that roughly 2,600 users of its online store had credit cards and other personal information stolen in the attack. MSU stated, “An unauthorized party gained access to Michigan State University’s online store,, and placed malicious code to expose shoppers’ credit card numbers between Oct. 19, 2019, and June 26, 2020.” Michigan State is working with law enforcement as part of the investigation. Daniel Ayala, the MSU Chief Information Security Officer, said, “Once the university was notified, an initial investigation determined the exposed information included names, addresses, and credit card numbers of about 2,600 customers.” The university will be reaching out to all potentially affected users and offering free credit monitoring and identity protection. 

Analyst Notes

Any company, university or other organization that operates an online shopping site and accepts credit card payments should be aware that their site will be targeted by threat actors attempting to steal credit card details from customers. The website needs to be monitored closely for any unauthorized changes to JavaScript and HTML files that include JavaScript, as well as any unusual login activity. It should not take months of theft before the problem is recognized and investigated. Whenever a user has been affected by an attack such as this, Binary Defense recommends that they take full advantage of the identity and credit monitoring. Even though credit monitoring won’t help to stop fraudulent charges on stolen payment card accounts, it will help to recognize if new financial accounts are created using the stolen personal information. Binary Defense also recommends that people monitor their credit card statements if they used a credit card on the online shop, or their checking account transactions if they used a debit card on the site that was compromised.

For more information about this attack, please see the link below: