- Wacom began to inform customers of a security incident
- The threat actors managed to steal payment information to a non -disclosed number of people
- The attack was discussed, said Wacom
The Wacom design equipment company warned its customers that it may have lost their personal data, including payment information.
A report of The register Said that the company considers that the attack took place between November 28, 2024 and January 8, 2025, and that it currently warns affected people.
In the letter of notification by e-mail, Wacom notes: “The problem which contributed to the incident was discussed and makes effectively investigate. However, we now write only to customers who could have been potentially affected by this.”
A credit card skimmer?
Those who do not get Wacom’s official communication should consider themselves as safe for the moment. Those who receive the email should definitively start to monitor their credit card readings, and perhaps even consider placing a fraud alert on their credit cards.
Wacom did not detail the attack at this stage. Therefore, we do not know who the attackers are, how they managed to infiltrate the company’s online store, or how many people are affected.
While being in the field of speculation, The register believes that a credit card skimper code could have been involved, especially since the Wacom’s online store is fed by Magento.
Magento is an open-source open source electronic commercial platform, and as such is a frequent target. For example, at the end of July 2024, researchers reported a creative technique involving so -called swaps files used to deploy persistent credit card skimmers on Magento sites. Earlier, in April, cybersecurity researchers found a critical vulnerability in Magento allowing threat actors to deploy persistent deadlines on vulnerable servers.
If you want to know more, be sure to read our Magento definitive accommodation guide.
Via The register
