From csoonline.com
The payment card breach that hit Macy’s online store in October was the result of a highly targeted and custom-built Magecart attack that could set the trend for web skimmers going forward, researchers believe.
On November 14, US department store chain Macy’s alerted customers of a security breach discovered in October on its website that led to the compromise of payment card details and customer information, including full names, addresses, telephone numbers and email addresses. At the time, the company described the breach as consisting of highly specific unauthorized code injected into the checkout and wallet pages on Macys.com with the goal of capturing information submitted by customers — in other words what the security industry calls a web skimming attack.