Several e-commerce sites were targeted with a card skimming campaign that used the Salesforce-owned Heroku cloud platform to host skimmer infrastructure and stolen credit card data. Security firm Malwarebytes says it appears that members of Magecart were using Heroku, according to a Wednesday blog post by Jrme Segura. Magecart is an umbrella organization comprising several groups, including British Airways, Ticketmaster and Newegg. Over the past year, security firm RiskIQ has detected Magecart-linked code over 2 million times and over 18,000 domains have been breached.”]
Source: https://www.govinfosecurity.com/skimming-campaign-leveraged-heroku-cloud-platform-report-a-13472