Active Network, which provides web-based school accounting software for schools and districts, recently disclosed that bad actors gained access to its platform, Blue Bear. Potentially affected data includes names, payment card numbers, and store username and passwords.
Reports have indicated that this appears to be a web skimming (Magecart) attack. Hackers breached Blue Bear and planted malicious code on its school stores that collected users' payment details in real-time, while they were paying fees and buying products.
These types of attacks were some of the most common hacks last year, and the FBI issued a security alert last October, warning the US private sector to deploy security measures and safeguard online stores against possible compromises.