Monday, February 17, 2025
HomeCyber Security NewsOver 14000 customers Impacted with the BevMo Payment Card Breach

Over 14000 customers Impacted with the BevMo Payment Card Breach

Published on

SIEM as a Service

Follow Us on Google News

BevMo Payment Card Breach impacted more than 14000 customers, attackers injected skimmer scripts into the checkout page of the website.

The injected skimmer scripts record keystrokes from customers and transfer the data to the attacker’s server.

Attackers stolen data includes customer names, phone numbers, addresses and credit, and debit card numbers along with security codes.

BevMo said the attackers placed the skimmer scripts between Aug.2 and Sept.26 and the company has notified the California attorney general’s office about the breach.

Now the wine and liquor company announced that they have removed the malicious script from the website checkout page and the investigation still in progress.

As we know hackers are determined and they spent huge time with an organization to find the network structure and they will infiltrate the best way.

Last month Amazon suffered a data breach before the Black Friday, the number of customers names and Email address has been exposed.

Recent Breaches

120 Million Unique Taxpayer ID Numbers Exposed Online From Misconfigured Servers

66 Million Users Personal Data Exposed From Unprotected MongoDB Database

Quora Hacked – 100 Million User’s Data Stolen By Hackers

Hackers Stolen 500 Million Guests Personal Information From Starwood Hotels Guest Reservation Database

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Ransomware Gangs Encrypt Systems 17 Hours After Initial Infection

Ransomware gangs are accelerating their operations, with the average time-to-ransom (TTR), the period between...

Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers

Security researchers have uncovered sophisticated malware targeting WordPress websites, leveraging hidden backdoors to enable...

Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB

A critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered,...

New XCSSET Malware Targets macOS Users Through Infected Xcode Projects

Microsoft Threat Intelligence has identified a new variant of the XCSSET macOS malware, marking...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Ransomware Gangs Encrypt Systems 17 Hours After Initial Infection

Ransomware gangs are accelerating their operations, with the average time-to-ransom (TTR), the period between...

Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers

Security researchers have uncovered sophisticated malware targeting WordPress websites, leveraging hidden backdoors to enable...

Xerox Printer Vulnerability Exposes Authentication Data Via LDAP and SMB

A critical security vulnerability in Xerox’s Versalink C7025 Multifunction Printer (MFP) has been uncovered,...