In April 2019, there were at least eight e-commerce service providers that had been targeted with JavaScript skimming attacks. Visa Payment Fraud Disruption (PFD) found the same malware and infrastructure for data exfiltration used across these eight cases. In July 2019, researchers reported that these service provider attacks were much more significant than initially believed and affected over 17,000 domains that integrated code from the service providers targeted in April. The attacks were reportedly successful due to an automated process whereby the attackers scanned for misconfigured write permissions in a widely-used content delivery network (CDN).