Helping PrismRBS protect 400+ websites against Magecart attacks post data breach
400+ individual websites monitored
> 1 Hour alerting time for potential security breaches
20,000,000+ hosts checked per month
Challenge
PrismRBS are a SaaS provider hosting websites for over 400 college and university bookstores across North America. After noticing some anomalies on their website, they realised they had fallen victim to a Magecart card skimming attack. Hackers had placed false code on their payment pages, disguised as Google Analytics JavaScript, that was able to skim credit card information as customers were entering it. This was despite PrismRBS already using iFrames and tokenisation to collect data.
Over 200 sites were impacted, and quick action was needed to reduce reputational damage and ensure that customers' financial data was safe and secure. PrismRBS needed a persistent and comprehensive synthetic monitoring tool that would allow them to monitor hundreds of unique sites, record any data sent to external hosts, and be alerted immediately should any anomalies arise (and they needed the solution quickly!).
Solution
Working with RapidSpike, PrismRBS initially set up hourly Synthetic User Journeys running across over 400 websites. Using a PowerShell integration via our API, they were able to push out one automated and standardised “super journey”, meaning the business-critical process of adding to cart, entering the payment page and being able to check out was continuously being tested for each individual site.
PrismRBS utilised our proactive security risk detection by creating trusted host lists, and were able to immediately alert different team members to potential security issues using alert hooks. Since then, PrismRBS have begun to take advantage of other RapidSpike features, including in-app assurance and performance monitors, allowing them to find and fix faults and in turn enhance their service for their own clients.
Key Results
PrismRBS have been able to protect their long-term brand reputation when it comes to security breaches by acting quickly to implement RapidSpike. They are now able to give their own clients peace of mind with proof of consistent monitoring, and the ability to showcase trusted host lists and security metrics in-app. In the event of a future breach they would be alerted in minutes rather than months.
RapidSpike has also helped to save time and resources, as previously PrismRBS used a mystery shopper team to manually go through the online checkout process and check scripts for ten of its biggest customers – a relatively expensive approach valid only at that point in time. Our automated solution and continuous testing (used across 400+ websites) makes RapidSpike an easier, faster, and more cost-effective solution.
RapidSpike has absolutely helped us to protect our long-term brand reputation. Peace of mind goes a long way; the fact we are able to pull specific whitelists out of RS and tell clients exactly which external hosts they have communicated with is vital. In the event the hack was re-implemented we would have known about it within the hour. RapidSpike was the first step in recovering our brand reputation.
JARED GAMMEL, Associate Developer at PrismRBS