Supply chain
[SC] Supply Chain
e-commerce sites of Feedify Third-Party Breach (September 2018)
Primary Source ↗Incident Details
Feedify cloud service architecture compromised by MageCart crime gang. MageCart cyber gang compromised the cloud service firm Feedify and stole payment card data from customers of hundreds of e-commerce sites. UAT-10362 linked to LucidRook attacks targeting Taiwan-based institutions. Bitcoin Depot hack leads to $3.6M Bitcoin theft via stolen credentials. Third-party company: Feedify.
Technical Details
- Initial Attack Vector
- Compromise of third-party service provider / vendor relationship
- Vendor / Product
- Feedify
- Supply Chain Attack
- ✅ Confirmed third-party / vendor compromise
Timeline
- 2018-09-01 Breach occurred
- 2018-09-16 Publicly disclosed