Skip to content

MageCart attack targets iOttie’s online store

  • by
  • 2 min read

iOttie, a renowned car mount and mobile accessory manufacturer, has issued a data breach notification alerting customers that its online store was compromised for nearly two months, resulting in the theft of credit card information and personal data.

The breach occurred between April 12th and June 2nd, 2023, when malicious scripts were injected into the website.

The company suspects that criminal e-skimming took place during this period, whereby malicious actors gained unauthorised access to customer data. Although the malicious code was removed during a WordPress plugin update on June 2nd, iOttie warned that customer’s credit card information may have been acquired and used for fraudulent purchases on their website.

While the exact number of affected customers remains undisclosed, the stolen information potentially included names, personal details, financial account numbers, credit and debit card numbers, security codes, access codes, passwords, and PINs. This type of attack, commonly referred to as MageCart, involves hackers infiltrating online stores and implanting malicious JavaScript on checked pages to collect sensitive information entered by shoppers.

iOttie website operates on WordPress with the WooCommerce plugin.

The stolen information could be utilised for financial fraud, identity theft, or sold on underground platforms accessible through the dark web. As a precautionary measure, iOttie advises all customers who made purchases on their website between April 12th and June 2nd to diligently monitor their credit card statements and bank accounts for any signs of fraudulent activity.

Although iOttie has not disclosed the exact details of the breach, their online store operates on WordPress with the WooCommerce merchant plugin. WordPress websites have often been targeted by threat actors due to vulnerabilities found in plugins, which can enable complete site takeovers or the injection of malicious code into templates. Recent incidents have highlighted attacks exploiting vulnerabilities in various WordPress plugins such as cookie consent burners, Advanced Custom Fields, and Elementor Pro.

Customers affected by the breach should remain vigilant and take the appropriate measures to protect their financial information.

In the News: New Opera One browser features AI chatbot Aria

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: