State of New Jersey SealOFFICIAL SITE OF THE STATE OF NEW JERSEY

OXO

Original Release Date: 1/15/2019

Summary

Kitchen and houseware manufacturer, OXO International, disclosed that customer contact and payment information from their e-commerce site may have been accessed multiple times over a two year period. OXO discovered their servers were compromised from June 9, 2017 - November 28, 2017, June 8, 2018 - June 9, 2018, and July 20, 2018 - October 16, 2018, but believe that attempts to steal data may have been unsuccessful. OXO has since fixed the vulnerabilities present in their servers, and sent out notification emails to affected customers containing a member ID for a year of free credit-monitoring services from Kroll. Bleeping Computer attributes at least one of the attacks to MageCart: several hacker groups who inject malicious scripts onto legitimate webpages in order to steal payment information.

Join & Subscribe

Never miss an update! Sign up for a no cost membership today! Receive up-to-date content and more in our weekly bulletin.

Sign Up

Featured Content

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.

Agency Seals of State of NJ, NJOHSP and NJCCIC

STAY CONNECTED:

View our Privacy Policy here.

View our Site Index here.