Data exposure is a significant, unaddressed problem for Europe’s top mobile providers and, by extension, more than 253 million customers who sign up for their services and share sensitive personal data. Forms used to capture credentials, banking details, passport numbers, etc., are exposed to an average of 19 third-parties. This level of exposure, combined with the high value of the data captured, make this an attractive target for Magecart attacks. Without controls, every piece of JavaScript code running on websites can modify, steal or leak information through client-side attacks enabled by JavaScript.
Source: https://www.helpnetsecurity.com/2021/04/02/mobile-providers-exposing-data/