Macy’s Inc (NYSE:M) has announced that its shopping site has experienced a data breach for one week (between October 7 and 15, 2019) just before the beginning of the holiday season. The share of Macy’s traded at $15.32 (down 1.03%) on November 29, 2019. It expects to persuade other online shoppers to refrain from online shopping at other merchants as well during the holiday season. As a result, the sales during this holiday season are expected to decline significantly.
The handiwork of Magecart cybercriminals
The data breach just before the start of the holiday shopping season at Macy’s could be the handiwork of Magecart cybercriminals. Data theft is caused through third party access on the MyWallet Page and Checkout Page of Macy’s. The company noticed the suspicious activity on its website a week after the insertion of malicious code. It immediately informed the law enforcement authorities and called in forensic experts to detect the code and take preventive measures. The company also informed a few affected customers immediately to take preventive measures.
Sells data on the dark web
Hackers sell credit card information on the dark web. They could also clone the credit card details to plastic cards and indulge in shopping at other retailers causing huge loss to online shoppers, who could not immediately detect the fraud.
Warning for retailers
The data breach is an eye-opener for other online retailers and to implement security measures immediately. Some mechanisms include preventing access to third-party sites and deploying stringent security controls.
The brick and mortar retailers – Target and Walmart move forward with impressive earnings. However, retailers like Home Depot and Kohl’s missed the expectations of analysts in Q3 2019. Macy’s reported $5.2 billion in revenues. According to the estimates of 12 analysts based on the past twelve month’s earnings, Macy’s expect to post revenues of $24.4 billion in 2021.