Guitar tutoring website TrueFire has apparently suffered a ‘Magecart’ style data breach incident that may have exposed its customers’ personal information and payment card information. The hacker News learned about the incident after a few affected customers posted online details of a notification they received from the company last week. TrueFire hasn’t yet publicly disclosed or acknowledged the breach. The company claims to have now patched the web vulnerability that allowed attackers to compromise its website in the first place. The scenario looks very similar to a Magecart style attack that captures payment information of customers making purchasing on the sites.
Source: https://thehackernews.com/2020/03/truefire-guitar-tutoring-data-breach.html