Wisepay stated that the hack which happened between 2 to 5 October allowed the hackers to collect payment information during that period of time which affected over 300 institutes in the Uk.
It's early, but it seems that Wisepay may have encountered a credit card skimming attack, also known as a Magecart hack.
Attackers were not able to hack into any databases but were able to redirect wisepay users to an external website where they have full control.
So if during the time the hackers run that page, I pay for a service at my son's school, they'll have access to all my credit cards information when I entered them.
These types of attacks often never last as long as hackers are typically detected and removed from the system pretty quickly. Cybercriminals, therefore, need to follow highly active payment mechanisms for targets. Wisepay may have been a worthwhile aim as a corporation making payments for several schools and universities.
Wisepay stated that this does not store any details on the transaction (credit card or debit )
Wisepay also stated that parents who believed they might be affected by this attack or made any payment during the 2-5 of October should their bank and cancel their credit card and adjust any passwords for internet banking.
The ICO reported that Wisepay had informed it of
"a potential data breach and we will be making further enquiries"
Nice