Emma Sleep Company suffered a Magecart attack which compromised customers' credit or debit card data from its website.
It was a sophisticated targeted cyber-attack on the checkout process on their website via the ubiquitous Adobe Magento e-commerce platform where a malicious piece of code was added to checkout pages to capture card data from within a user's browser.
Emma Sleep identified the attack, implemented the safety protocols to contain it and notified the impacted individuals.
Source: https://www.theregister.com/2022/04/04/emma_the_sleep_company_admits/
TPRM report: https://scoringcyber.rankiteo.com/company/emma-sleep
"id": "emm193630522",
"linkid": "emma-sleep",
"type": "Cyber Attack",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'E-commerce',
'name': 'Emma Sleep Company',
'type': 'Business'}],
'attack_vector': 'Malicious code injection on checkout pages',
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Credit or debit card data'},
'description': 'Emma Sleep Company suffered a Magecart attack which '
"compromised customers' credit or debit card data from its "
'website. It was a sophisticated targeted cyber-attack on the '
'checkout process on their website via the ubiquitous Adobe '
'Magento e-commerce platform where a malicious piece of code '
'was added to checkout pages to capture card data from within '
"a user's browser. Emma Sleep identified the attack, "
'implemented the safety protocols to contain it and notified '
'the impacted individuals.',
'impact': {'data_compromised': 'Credit or debit card data',
'payment_information_risk': 'High',
'systems_affected': 'Checkout process on website'},
'initial_access_broker': {'entry_point': 'Checkout pages'},
'motivation': 'Financial gain',
'response': {'communication_strategy': 'Notified impacted individuals',
'containment_measures': 'Implemented safety protocols',
'incident_response_plan_activated': True},
'title': 'Magecart Attack on Emma Sleep Company',
'type': 'Magecart Attack',
'vulnerability_exploited': 'Adobe Magento e-commerce platform'}