Magecart attacks work on the same principles that a POS skimmer would at a physical cash register. The bad guys find a way to quietly insert scripts onto compromised servers running payment systems to steal customer data as it’s entered by customers on an e-commerce site. Security experts believe this has to do with the work done to reduce POS fraud through the use of chip-based credit cards. Last year we saw anecdotal evidence of this with high-profile attacks against the likes of British Airways, Ticketmaster, and NewEgg.”]
Source: https://www.darkreading.com/cloud/7-signs-of-the-rising-threat-of-magecart-attacks-in-2019