Online skimming is a new form of card fraud. In November 2015, the first case was reported. Upon investigating, I scanned a sample of 255K online stores globally and found 3501 stores to be skimmed. It is now ten months later. Are the culprits in jail yet? Not quite, here are the numbers of compromised stores:
November 2015 3501
March 2016 4476 +28%
September 2016 5925 +69%
Victims vary from car makers (Audi ZA) to government (NRSC, Malaysia) to fashion (Converse, Heels.com), to pop stars (Bjork) to NGOs (Science Museum, Washington Cathedral).
At least 159 hacked stores use Magento Enterprise Edition, which is used only by the largest online stores.
754 stores who are skimming today, were already skimming in 2015. Apparently you can skim cards undisturbed for months.