Protect Your Website

Magecart Detection

Detect Magecart data breaches on your website. Defend against client-side javascript, supply chain attacks and formjacking.

Am I At Risk? Magecart Monitor

What is Magecart?


Magecart is the collective term for a number of hacking groups that have appeared in recent years.

The hackers use a variety of tactics to exploit vulnerabilities and skim customer details – mainly usernames, passwords and credit card information.

Data Breaches

A common attack method is a supply chain attack – where hackers target third party service providers.

Many sites load these third party scripts for ads, live chat, analytics etc. By compromising a popular tool Magecart can gain access to all the sites that utilise it.

Using formjacking hackers can then skim card details and other customer information and send it to a destination of their choosing.

Who has been affected by Magecart?


Magecart has recently been described at the “Number one threat in cyber security”. Thousands of sites have been compromised in 2019 alone, with a particular focus on ecommerce sites.

In addition to damage to reputation, large fines have been handed out for data breaches – most notably British Airways who were fined £183 million for a Magecart hack that lasted just 5 days.


Some high-profile examples:

  • Vision Direct
    Attack lasted 5 days, 6600 customers affected.
  • British Airways
    Attack lasted 16 days, 380,000 customers affected.
  • Newegg
    Website was compromised for over 1 month.
  • Ticketmaster
    40,000 customers were affected over 9 months.
  • Discount Mugs
    Website was hacked for over 4 months.
  • Sotheby’s
    Customers were vulnerable for over 19 months.

Whilst your customers browse and purchase on your website, scripts are loaded from third parties.


If a third party is compromised, hackers then have a way to write scripts affecting your website.


Hackers can then intercept customer card details without you even noticing.

Magecart: Are you at risk?

Discover if your business is vulnerable to this type of attack.

Am I At Risk?

Detecting Magecart

Magecart breaches can be difficult to identify, with many going weeks or months before detection. In some cases sites have been compromised repeatedly by the same vulnerability.

Magecart hacks share a common detail – whenever customer data is taken from a site it must be sent to a new location hosted by the hackers.

RapidSpike monitors where your website sends data.
If we see a new unknown destination, we alert you.

Simple, effective, foolproof.

Magecart Monitor »


  • Insider: Yorkshire's Most Exciting Companies
  • Northern Digital Awards 2019 Shortlist
  • KPMG Best British Tech Startup 2019: Northern Finalist
  • Prolific North Tech 100: Top 30 Companies to Watch