Cybercriminal gang has been inserting malicious JavaScript into unsecured Amazon S3 buckets to skim payment data. Researchers have identified about 17,000 domains infected with JavaScript skimmers. This malicious code is proficient at sweeping up payment card data that includes name, card number, expiration date and CVV information. Magecart-associated groups have been suspected in attacks against shoe manufacturer Fila, bedding sites Mypillow.com and Amerisleep.com. Other suspected victims of these attacks include British Airways, Ticketmaster and Newegg.”]
Source: https://www.cuinfosecurity.com/riskiq-magecart-group-targeting-unsecured-aws-s3-buckets-a-12771