Element Vape, a popular online retailer that sells e-cigarettes and their accompanying accessories, had its website compromised and loaded with the notorious MageCart credit card skimmer.
The news was revealed by BleepingComputer, whose analysts investigated the website's code and found the skimmer on the checkout page. The skimmer stole information such as email addresses, credit card numbers and expiration dates, phone numbers, billing addresses, and street and postal codes.
As soon as the existence of the skimmer was confirmed, the publication notified Element Vape, which reacted quickly, removing the malicious code from its website that same day.
recent attack
How the code ended up on the web page in the first place remains a mystery, and it's unclear if any of the company's endpoints were infected with malware.
The name of the threat actor is also unknown. The post says that the stolen data is leaked to an encrypted and obfuscated Telegram address.
What the investigation found was that the attack most likely dates from a more recent date, as the code was not present on the site as of early February of this year.
Element Vape has been attacked before, says BleepingComputer. In 2018, it notified its clients about possible leaks of personally identifiable information (PII) to unknown threat actors.
Consumers filed a lawsuit, claiming the company failed to notify affected individuals in time and did everything possible to prevent the incident from happening in the first place. The lawsuit was followed by a class action lawsuit in 2019, which required a jury trial.
While the community response to Element Vape appears to be mostly positive, there are some potential red flags on social media, suggests BleepingComputer. For example, in some US states it is known as TheSY LLC and has 13.000 Twitter users. However, their tweets are protected, which is not what you're used to seeing from a company.
Element Vape has not yet commented on the results. Customers who interact with the company are advised to keep both eyes on their credit cards, looking for suspicious transactions.