Sixth June

Sixth June is aFrench fashion online store, headquartered in France, offering clothing and accessories via its e‑commerce platform. It serves customers primarily in France and potentially reaches an international audience through its website. The store concentrates on contemporary fashion trends, providing a digital retail experience for shoppers seeking apparel and related items. Its core business revolves around online sales of fashion products, leveraging a website to display catalogues, process orders and handle payments. The company operates in the competitive e‑commerce fashion sector, where maintaining website security is critical to protect consumer data.

On 23 October 2019, the Sixth June online store fell victim to a MageCart‑style e‑skimmer that injected malicious JavaScript into its checkout flow. The malicious code was served from a domain crafted to resemble Magento, allowing it to appear as a legitimate third‑party resource. The skimmer harvested payment card information, capturing cardholder names, numbers, CVV codes and expiration dates entered by shoppers. In addition to card data, the script collected personal details from form fields such as postal addresses, e‑mail addresses and passwords. The stolen data could be used for fraudulent transactions and potential account takeovers affecting the compromised customers. Researchers identified the intrusion after approximately one week of unauthorized data collection, noting that the attackers had masked their activity using counterfeit Google Tag Manager code. Despite receiving multiple alerts from security observers, the company’s leadership did not immediately remove the malicious script, allowing it to remain active for several further days. Eventually the skimmer was taken down, but the incident was later linked to a wider campaign that had compromised more than eighty other websites employing similar e‑skimming infrastructure. The episode underscored the risks faced by fashion e‑commerce platforms that rely on third‑party scripts and highlighted the importance of continuous monitoring for anomalous code.