Warner Music Group has disclosed months-long web skimming incident

Warner Music Group finally found hackers responsible for compromising its online stores

WMG has disclosed a data breach in some of its online stores.

Warner Music Group (WMG) finally disclosed a data breach affecting customers' personal and financial information. In April 2020, the company suffered from a security incident that involved some of the US-based e-commerce stores. WMG is the third-largest company in the global music industry, so this attack was a relevant incident for thousands or even millions of people. In the notification letter of a data breach the company wrote^[1]:

On August 5, 2020, we learned that an unauthorized third party had compromised a number of US-based e-commerce websites WMG operates but that are hosted and supported by an external service provider. This allowed the unauthorized third party to potentially acquire a copy of the personal information you entered into one or more of the affected website(s) between April 25, 2020 and August 5, 2020.

PayPal payments information on the hacked online stores remained safe. However, the company didn't disclose which stores were affected by hackers' actions.^[2] The hacking incident looked like a Magecart or general web skimming^[3] attack. During such an attack, hackers take control of the website and insert malicious code to steal customer payment information.

Warner Music Group spokesperson explained^[4]:

E-commerce websites operated by Warner Music Group through a third party e-commerce platform were targets of a cybersecurity attack, which potentially exposed credit card and related data that customers entered into the sites.

The payment information was potentially stolen

Although the company mentioned that the unauthorized actor managed to access a copy of the data recorded on some online stores, Warner Music Group has not confirmed that this data has been extracted from the websites. But the possibility that such sensitive user information may be used for phishing attacks, bank fraud, and other crimes cannot be ruled out.

Potentially stolen user data could have included:

• Full names
• Email addresses
• Phone numbers
• Billing addresses
• Payment card details
• Shipping addresses.

Thus, it is clear that such data is crucial and must remain secure from hacker attacks. To ensure the security of the affected customers, Warner Music Group now offers free Kroll's identity monitoring services for 12 months.

Even the largest companies can suffer from hacker attacks

Founded in 1998, Warner Music Group has more than 5 400 employees and operates in over 70 countries via a network of subsidiaries, affiliates, and non-affiliated licensees. Moreover, WMG owns and operates some of the most successful and the largest labels in the world, such as Warner Records, Atlantic Records, Parlophone, and Elektra Records. Warner Music Group also owns one of the largest music publishers in the world, Warner Chappell Music.

By falling victim to a Magecart attack, this large conglomerate has proven that even the biggest businesses can suffer from hackers' attempts to steal sensitive data. In attacks like this one, cybercrime gangs are hacking into online stores to insert malicious scripts inside their checkout pages' source.^[5] It's the part of skimming attacks. Hackers' end goal is to steal all the personal or payment data of customers.