Enterprises are Ripe for CCPA, GDPR, and Magecart Attacks

Enterprises are Ripe for CCPA, GDPR, and Magecart Attacks
featured image

MCLEAN, VA., July 30, 2020 – The Media Trust, global leader in digital third-party risk management, today announced the launch of their Industry Insights, an index to track issues affecting website security, data protection and performance failures. Despite ongoing security breaches, Consent Management Platforms (CMPs) adoption, and promulgation of data protection regulations, enterprise websites continue to present significant risks that expose them to Magecart attacks and GDPR or CCPA violations.

These Industry Insights ( report on critical findings in the prevalence of third-party code on websites and apps from key industries in the US and EU, including banking, US federal government, healthcare, hospitality and gaming, media publishers, restaurant, and retail. The metrics from this index are derived from continuous client-side monitoring of various online platforms. 

Findings from the 2Q Industry Insights reveals issues affecting:

  • Security
    • Across all industries, 91% of all executing domains are third-party, up from 88% in 1Q 
    • ~12% domains change every month, trending higher than the previous quarter; Restaurants experienced the biggest swing at 40% change
    • 2-3% domains are considered high-risk and should be closely reviewed by website operators
  • Data protection
    • 7,985 years is the longest cookie lifespan detected; found on Banking, Healthcare, Hospitality, US Media, and EU Media
    • 32% of cookies have lifespans greater than 12 months, increasing the risk of data harvesting and running afoul of data protection regulations 
  • Performance
    • 4.18 seconds is the aggregate total load time; potential starting point to investigate viewability issues

While this benchmark establishes the prevalence of third-party code throughout the digital ecosystem, The Media Trust founder, Chris Olson states, “Digital is where data protection and security converge. Inability to properly identify and manage third-party code is key to avoiding lawsuits, regulatory penalties and erosion of customer trust.”

“As we have seen in the past, no one person or team is in charge of enterprise websites or apps,” continues Mr. Olson. “Today, General Counsels and Digital Protection Officers (DPOs) oversee CMPs and internal audits while security leaders defend against breaches. These Industry Insights expose the residual risk on digital properties. Even though companies have enabled opt out and do not sell requests and also implemented CMPs, the day is coming when enterprises are increasingly sued for breaches attributed to third-party code.”

Updated monthly, this one-of-a-kind Industry Index is a new tool that provides much-needed context to a comprehensive understanding of how third-party code drives end-user security and data protection issues. These Industry Insights are available at

About The Media Trust
The Media Trust is on a mission to make the internet a healthier, more valuable place for publishers and consumers. Working with the world’s largest, most-heavily trafficked digital properties and their upstream partners, The Media Trust delivers real-time security, data privacy, performance management and quality assurance solutions that help protect, monetize and optimize the user experience across desktop, smartphone, tablet and gaming devices. More than 600 enterprises, media publishers, ad networks/ exchanges, and agencies—including 40 of comScore’s AdFocus Top 50 websites—rely on The Media Trust to protect their website, their employee internet use, their revenue and, most importantly, their brand.

Media Contact:
Kristine Jacobson
Phone: 703-867-0575