background.png

The Cyber Feed

Next Gen Managed Detection and Response Starts Here.

Recent Posts

Posts by Topic

see all

Get Updates from Us!

Nothing fine about it - Sotheby's data breach

Following reports on social media[1] and notification to the California Department of Justice[2], yet another retailer is preparing to communicate details of a breach to their customers. In this instance, the Art dealer and auction house Sotheby’s became aware of unauthorized changes to their ‘Sotheby’s Home’ website on 10 October 2018 and, based on their release (Figure 1), they believe that this code was present since at least March 2017.

As is to be expected with a Magecart compromise, the data believed targeted includes customer payment card details as well as their contact details.

Whilst technical details of this incident have not been shared, investigations conducted by CyberInt identified a historical script injection leading to an obfuscated Magecart JavaScript hosted on a now offline website.

Download the full report including investigation and recommendations chapters

Sothbey's Magecart_blog_image1Figure 1 – Sotheby’s draft notification letter

Download the full report including investigation and recommendations chapters

SUBSCRIBE

download.jpg