Cyber Blog

iOttie, a well-known manufacturer of car mounts and mobile accessories, has issued a data breach notification after discovering that its website was compromised for nearly two months, resulting in the theft of credit card information and personal data from online shoppers.

The breach occurred between April 12, 2023, and June 2, 2023, as stated in iOttie’s data breach notification. On June 2, during a WordPress/plugin update, the malicious code responsible for the breach was removed.

Although the exact number of affected customers has not been disclosed, iOttie warns that names, personal information, and payment details, including credit and debit card numbers, security codes, access codes, passwords, and PINs, may have been stolen.

The attack on iOttie’s website follows the MageCart method, in which threat actors compromise online stores to inject malicious JavaScript into checkout pages. This allows the theft of credit card information submitted by shoppers, which is then utilized for financial fraud, identity theft, or sold on the dark web.

Customers who made purchases on iOttie’s website between April 12th and June 2nd are advised to monitor their credit card statements and bank accounts for any signs of fraudulent activity.

Although iOttie has not disclosed the specifics of the breach, it is noteworthy that their online store utilizes WordPress as its platform, with the WooCommerce merchant plugin. WordPress websites are frequently targeted by threat actors due to vulnerabilities in plugins, allowing them to gain control over sites or inject malicious code.

In recent incidents, threat actors have been exploiting vulnerabilities in various WordPress plugins such as cookie consent banners, Advanced Custom Fields, and Elementor Pro.