The recent credit card breach at Ticketmaster was actually just a small part of a much larger credit card skimming operation, new research shows.
According to security firm RiskIQ, the breach affected 800 different e-commerce sites, not just Ticketmaster. The attack is thought to be the latest from a group called Magecart, which has been in operation since at least 2015, ZDNet reports.
The attack specifically targeted companies that had installed a third-party software that is meant to improve user experience. Magecart looks for exploits in that software. When they’re able to break into it an alter the code, it impacts all the users of that software, not just one.
“Any button or form is hooked so when a user clicks a button or submits a form the fields on the page, the skimmer extracts the name and value of the fields, combines them, and sends them to the drop server owned by the Magecart actors,” RiskIQ researchers told ZDNet.
If you routinely shop online, it’s always a good idea to monitor your credit card statements on a regular basis to ensure you don’t receive any unauthorized charges.