THREAT SENTINEL
Back to Dashboard
Data BreachesHigh

E-commerce Platform Breach Exposes 500,000 Payment Cards

Thursday, March 12, 2026
United States, Canada
Breach Report

Summary

A major e-commerce platform has suffered a data breach through a Magecart-style attack, resulting in the theft of half a million payment card details.

Threat Analysis

E-commerce Payment Card Breach

Incident Overview: ShopMax, a popular e-commerce platform, has confirmed a payment card breach affecting approximately 500,000 customers who made purchases between January and March 2026.

Attack Details: The breach was caused by a web skimmer injection attack (Magecart-style). Malicious JavaScript code was injected into the checkout pages, capturing payment card data in real-time.

Data Compromised: - Full payment card numbers - Expiration dates - CVV codes - Cardholder names - Billing addresses

Discovery Timeline: - March 5: Third-party researcher discovers skimmer - March 6: ShopMax notified - March 7: Malicious code removed - March 11: Investigation completed - March 12: Customer notification begins

Customer Action Required: - Monitor bank statements - Request new cards if purchases were made during affected period - Enable transaction alerts

Last updated: Mar 15, 2026, 11:11 PM

Daily Intelligence

Stay Ahead of Threats

Subscribe to receive daily threat briefings delivered to your inbox. Be the first to know about emerging security risks.

No spamUnsubscribe anytimeDaily at 9 AM