Supply chain
β Supply Chain
e-commerce sites of Feedify Third-Party Breach (September 2018)
Primary Source βIncident Details
Feedify cloud service architecture compromised by MageCart crime gang. MageCart cyber gang compromised the cloud service firm Feedify and stole payment card data from customers of hundreds of e-commerce sites. UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions. Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials. Third-party company: Feedify.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Feedify
- Supply Chain Attack
- β Confirmed third-party / vendor compromise
Timeline
- 2018-09-01 Breach occurred
- 2018-09-16 Publicly disclosed