Cyber Incident Victim: Sweaty Betty
Date: Nov 2019
Location: United Kingdom
Summary
The UK activewear retailer Sweaty Betty suffered a website compromise involving Magecart-style malicious code designed to intercept customer payment information during online checkout processes. Attackers targeted shoppers entering new credit or debit card details, though those using saved payment methods, PayPal, or Apple Pay were unaffected. The breach resulted in the theft of payment data and customer account passwords during the attack window.
Description
The Sweaty Betty incident was a Magecart attack that compromised the UK activewear retailer's website between November 19, 2019, at 6:24 PM GMT and November 27, 2019, at 2:52 PM GMT. Attackers injected malicious code into checkout pages to intercept payment information entered by customers during online purchases. The script captured credit and debit card details in real time as shoppers submitted them and transmitted the stolen data to attacker-controlled servers. The compromise affected only customers who entered new payment information during the eight-day window; saved payment methods were unaffected because of how the script operated. Payments processed through third-party platforms such as PayPal and Apple Pay were also not exposed. Sweaty Betty confirmed the breach in notifications emailed to customers, which specified the exact timeframe of exposure.

Impacted customers faced potential financial fraud from the stolen payment card details. The retailer advised them to contact their financial institutions immediately to flag suspicious activity, and recommended checking account statements monthly for at least six months because fraudulent charges can appear with a delay. Credentials were also stolen during the breach, prompting Sweaty Betty to mandate password resets for all customer accounts, regardless of whether the customer made a purchase during the compromise period. The company disclosed the incident publicly on December 4, 2019, through breach notifications that outlined the attack vector but did not specify the number of affected individuals or give technical details of how the website was compromised. The available source material provides no information about malware removal or post-incident forensic investigation.
