Claire’s accessory company was hacked. Customers’ credit cards were leaked

Claire’s aftermarket has suffered a data breach that compromised the information of thousands of customers. The attack began on April 25 and continued until June 13, according to researchers at cybersecurity firm Sansec.

Researchers claim that the attack was deployed using Magecart, a malware used to extract payment card data from users of a website, an attack technique known as “skimming”. This attack variant has increased considerably over the past few years.

For security reasons, clients who have used their payment cards at Claire’s online store in recent weeks are advised to verify their bank statements to verify that there is no suspicious activity, recommended by the jewelry and other accessories selling company.

A spokesperson for Claire’s told the media that the company still doesn’t know exactly how many customers might have been affected. However, the company is notifying all users that they may have seen their compromised information.

The security breach is already being investigated, in conjunction with appropriate authorities and external cybersecurity firms.

Security incidents are becoming a daily thing, unfortunately for users of digital technology and services. A few weeks ago, British Airways acknowledged an incident that would have compromised the data of more than 380,000 users; the airline has been the victim of at least three relevant security incidents since 2018.

Regarding the reasons for cybercriminals, cybersecurity experts mention that confidential details are stolen to put them up for sale on hacking forums, where other hacker groups could buy them for highly sophisticated subsequent attacks.