What you Need to Know
- March 20, 2020 a payment card skimmer was found on the Tupperware website.
- The malicious code was removed on March 25, 2020, but it is unclear how long the malicious code remained on the page.
- It is unclear how many people were affected by the Tupperware payment page.
- Breached information includes first and last names, billing addresses, telephone numbers, credit card numbers, expiration dates, and security codes.
Details
On March 20, 2020, researchers discovered malicious code within the payment page on the official Tupperware website. This malicious code, disguised as an image file, replaced the payment form on the Tupperware website with an identical replica. When Tupperware shoppers entered their payment information, the malicious code skimmed their card information and passed it on to cybercriminals to use as they please. Victims were then shown an error message indicating that the transaction could not be processed, prompting them to refresh the page and try again. After refreshing, they were then provided with the original Tupperware payment form and were able to make their purchase successfully. This breach put the first and last names, billing addresses, telephone numbers, credit card numbers, expiration dates, and security codes into the hands of cybercriminals.
The malicious code was removed from the Tupperware website on March 25, 2020. However, it is unclear how long the malicious code was on their website before it was discovered. Because of that, it is difficult to identify just how many Tupperware shoppers were victims to this breach.
How Do I Know If I Was Affected?
At the time of this writing, Tupperware has not publicly disclosed that they fell victim to a cyber attack and has not taken steps to contact those who may have been affected by this breach.
While you may be taking steps to stay safe online yourself, this doesn't mean that everyone else is doing the same. The news headlines are full of reports of major websites experiencing data breaches, but only a small number of these breaches are made known to the public. Companies hide breaches every day for fear of the negative attention and loss of business that comes with their breach of customers' trust. Guardio offers account monitoring that can alert you right away if your account information was shared online or on the dark web for criminals to access so that you know to begin taking action to protect yourself right away.
Source: Computerweekly.com
