Customers’ credit card details have been compromised on thousands of retail websites using shopping cart software from Volusion, including the official Sesame Street online store. Malicious code used to copy card details, in a method called ‘web skimming’, was found by a security researcher while browsing the site. Over 6,500 web pages have been affected, although since Volusion have 20,000 customers, the number could be much higher. The company state that they have now deployed a security fix.
People who are concerned that they have had their details breached are advised to monitor their bank accounts and report any suspicious activity. Since stolen data may be used to trick customers into disclosing further personal information by making the criminals seem like a legitimate source, you should be wary of unsolicited contact from anyone claiming to be from your bank or credit card provider. Genuine financial institutions will never ask for full passwords and will not ask you to reveal your personal information or account details via email.