Any company, university or other organization that operates an online shopping site and accepts credit card payments should be aware that their site will be targeted by threat actors attempting to steal credit card details from customers. The website needs to be monitored closely for any unauthorized changes to JavaScript and HTML files that include JavaScript, as well as any unusual login activity. It should not take months of theft before the problem is recognized and investigated. Whenever a user has been affected by an attack such as this, Binary Defense recommends that they take full advantage of the identity and credit monitoring. Even though credit monitoring won’t help to stop fraudulent charges on stolen payment card accounts, it will help to recognize if new financial accounts are created using the stolen personal information. Binary Defense also recommends that people monitor their credit card statements if they used a credit card on the online shop, or their checking account transactions if they used a debit card on the site that was compromised.

For more information about this attack, please see the link below:

https://www.bleepingcomputer.com/news/security/michigan-state-university-discloses-credit-card-theft-incident/