nutribullet | magic bullet

Magecart hackers had targeted the NutriBullet website.

The hackers broke into the website several times over the past two months, injected malicious credit card-skimming malware on its payment pages, and siphoned off the credit card numbers and other personal data like names, billing addresses, expiry dates, and card verification values of unsuspecting blender buyers.

The data was scraped and sent to a third-party server operated by the attackers and the stolen credit card data was sold to buyers on dark web marketplaces.

Source: https://techcrunch.com/2020/03/18/nutribullet-credit-card-malware/

"id": "NUT2230231222",
"linkid": "capital-brands-llc",
"type": "Breach",
"date": "03/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"