OXO

Kitchen and houseware manufacturer, OXO International, disclosed that customer contact and payment information from their e-commerce site may have been accessed multiple times over a two year period. OXO discovered their servers were compromised from June 9, 2017 - November 28, 2017, June 8, 2018 - June 9, 2018, and July 20, 2018 - October 16, 2018, but believe that attempts to steal data may have been unsuccessful. OXO has since fixed the vulnerabilities present in their servers, and sent out notification emails to affected customers containing a member ID for a year of free credit-monitoring services from Kroll. Bleeping Computer attributes at least one of the attacks to MageCart: several hacker groups who inject malicious scripts onto legitimate webpages in order to steal payment information.

Data BreachNJCCIC