American Cancer Society’s Online Store Hit with Skimming Malware

By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow

Sick on the Inside
The American Cancer Society deals with illness of the human sort, but recently it had to deal with another kind of sickness. On the outside, things looked fine. But on the inside, a silent plague was taking over.

Security experts discovered malware, disguised as analytics code, embedded in the storefront of the American Cancer Society’s website. It functioned by searching for “checkout” and then skimmed users’ credit card information and directed payment to the hackers. If there is a “good news” part of this story, it is that the hacker’s web address was exposed upon discovery of the malware, and that the discovery was made and remedied within a few days.

This incident was similar to the breach of Mission Health; however, Mission Health’s site was infected for nearly 3 years.

Security experts are alerting individual clients and businesses to the increase in e-skimming threats, warning them to keep their systems updated and to maintain constant monitoring for any changes.
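One way to monitor storefront scripts for changes, shown as an added example that is not from the original article or from any vendor named in it. It compares each served script against a known-good hash baseline and, for new or changed scripts, flags the pattern described above: code that keys on "checkout" and references an unexpected host. The host names, file names and script contents are constructed assumptions.

```python
import hashlib
import re
from urllib.parse import urlparse

# Constructed values (assumptions): hosts the store legitimately contacts.
ALLOWED_HOSTS = {"store.example.org", "analytics.example.com"}
URL_RE = re.compile(r"""https?://[^\s'"<>)]+""")


def sha256(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def audit_scripts(baseline, current, allowed_hosts=ALLOWED_HOSTS):
    """Compare served scripts to a known-good hash baseline.

    baseline: {script name: sha256 hex of the approved content}
    current:  {script name: script source as served now}
    Returns a list of (name, reason) findings, ordered by script name.
    """
    findings = []
    for name, source in sorted(current.items()):
        if name not in baseline:
            findings.append((name, "new script not in baseline"))
        elif baseline[name] != sha256(source):
            findings.append((name, "content changed since baseline"))
        else:
            continue  # unchanged, approved script: nothing to report
        # New or changed code: look for the skimmer pattern the article
        # describes (keys on "checkout", talks to a host we do not expect).
        hosts = {urlparse(u).hostname for u in URL_RE.findall(source)}
        unknown = sorted(h for h in hosts if h and h not in allowed_hosts)
        if "checkout" in source.lower() and unknown:
            reason = "checkout-gated code references " + ", ".join(unknown)
            findings.append((name, reason))
    return findings


# Constructed sample scripts; send() is a placeholder, not working code.
APPROVED = "track('pageview', 'https://analytics.example.com/collect');"
TAMPERED = APPROVED + (" if (location.pathname.includes('checkout'))"
                       " { send('https://collector.invalid/x'); }")
CART = "function addToCart(id) { fetch('https://store.example.org/cart/' + id); }"
BASELINE = {"analytics.js": sha256(APPROVED), "cart.js": sha256(CART)}

if __name__ == "__main__":
    for finding in audit_scripts(BASELINE, {"analytics.js": TAMPERED, "cart.js": CART}):
        print(finding)
```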

As with all cybersecurity practices, remain diligent with your own security and use as many verification points as possible in all of your online practices.

This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance.
