Payment Credentials Grabbed from GOP E-Commerce Site
Payment card data from shoppers at the online store operated by the National Republican Senatorial Committee have been stolen by Russian cyber criminals, according to a Dutch security expert.
The theft took place between March 2016 and early October, said Willem De Groot, co-founder and head of security at Dutch e-commerce site byte.nl. The stores sells T-shirts and other items promoting the presidential candidacy of Donald Trump, along with other goods.
De Groot said he “dissected the malware planted on the NRSC’s site and other servers and found that the hackers used security vulnerabilities or weak passwords to break in to the various e-commerce sites,” according to a report from Krebs On Security. The committee offered no immediate comment, and there was no indication of how much data the criminals stole.
But De Groot said the committee was among approximately 5,900 e-commerce sites attacked by the same person or group, and that the “purloined card data was sent to a network of servers operated by a Russian-language Internet service provider incorporated in Belize.”
The news comes amid ongoing reports of the theft of Democratic Party data by Russians during the U.S. 2016 presidential campaign.