The retail giant Macy’s has one of the most popular online shopping websites in the United States, so it comes as no surprise that the company is a lucrative target for attackers. A breach that occurred over the week of October 7th to October 15th, 2019 likely affected thousands of customers and their information, including customer names, addresses, phone numbers, credit card numbers, card verification codes, and expiration dates. This is a result of a credit card skimmer being placed on the company’s website, and while a specific threat group has not been named as a suspect, the many criminal groups known as “Magecart” are notorious for these styles of attacks. As more details emerge regarding this breach, it will be challenging for Macy’s to handle public relations and regaining the trust of customers–the last breach that affected Macy’s resulted in the company becoming the target of a class-action lawsuit.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is