Google’s Tag Manager hacked, sensitive info exposed

Google’s Tag Manager (GTM) containers were hacked to install malicious e-skimmers that steal payment card data and personally identifiable information of shoppers on e-commerce sites.

Thousands of e-commerce sites use Google Tag Manager containers for data on website usage metrics, customer tracking and marketing purposes.

But cybersecurity experts have found three significant variants of malicious scripts that cybercriminals are hiding within GTM containers that allow them to exfiltrate the personal information of shoppers:

Over 165,000 payment card records attributed to victims of GTM container abuse attacks have been posted to dark web carding shops. The total number of payment cards compromised via GTM-based e-skimmers is likely higher.

The cybersecurity researchers found 569 e-commerce domains infected with e-skimmers. According to the report, 314 were confirmed to have been infected by a GTM-based e-skimmer variant while 255 had infections that exfiltrated stolen data to malicious domains associated with GTM abuse.

Nearly 90 of these e-commerce domains were still infected as of Aug. 25 and on average, researchers found it took more than three months for the infections to be remediated.

The other day, Starbucks reported its customer database was breached online, with local media reporting that 200,000 individual's information was stolen.