Cyber Incident Victim: X-Cart

In late October 2020, e-commerce software provider X-Cart experienced a ransomware attack that disrupted operations for customer stores hosted on its platform. The incident occurred when attackers exploited a vulnerability in third-party software to infiltrate X-Cart’s store hosting systems. This compromise led to partial outages across the hosting infrastructure, with some stores becoming completely inaccessible while others faced operational issues such as failures in sending email notifications. The company’s Vice President of Marketing, Jeff Cohen, later confirmed the incident impacted only a small segment of their infrastructure—primarily shared hosting servers—while core systems remained unaffected. Service disruptions persisted until restoration efforts were completed, though the exact duration of downtime was not specified in public statements. The attack occurred amid a broader surge in ransomware operations targeting hosting providers and data center operators, placing X-Cart among other victims like Equinix and CyrusOne.

X-Cart’s parent company, Seller Labs, responded by restoring all affected customer websites from backups without paying the ransom demanded by attackers. Cohen emphasized that service recovery and system stability were prioritized over addressing potential legal repercussions, including references to a possible class-action lawsuit arising from the incident. By November 8, 2020, all customer sites had been fully restored, though the company did not disclose whether customer data was exfiltrated or the specific ransomware variant involved. Independent reports from PortSwigger’s The Daily Swig and ZDNET confirmed the operational restoration, noting X-Cart’s reliance on backup systems to circumvent ransom demands. The incident underscored vulnerabilities in third-party software integrations within hosting environments while highlighting the growing targeting of web infrastructure providers by ransomware groups during this period.