25 percent of the sites discovered were large, reputable brands in the motorsports industry and luxury apparel The compromised sites were spread out across the United States, Canada, Europe, Latin America and Asia. The most common similarity across the sites was the use of Magento, all of which are running old versions that are vulnerable to published exploits. The arbitrary file upload, remote code-execution and cross-site request forgery vulnerabilities all affect Magento version 2.1.6 and below.
Source: https://threatpost.com/magecart-ecommerce-card-skimming-bonanza/147765/