Most of the attacks are performed by intercepting the data between the payment gateways and website or online store.
As we have seen recently the use of e-commerce websites has increased rapidly which caught the eyes of hackers. In past few months, several attacks had made on the e-commerce websites in order to steal the credit card information and banking related information.
To get the information attacker generally intercept the information when it is transferring from the online store to the payment gateway which is also known as Man In The Middle Attack. If the site is compromised then no matter how good and secure payment gateway we use, an attacker can easily redirect the data to them and use that information.
In addition, there is a different kind of attack that is used by the attacker on the Magento Site that continuously gets the credit card information from the site and stores that information in any of the remote location. Using a malicious code user is redirected to the fake checkout page where they enter their sensitive information and which is transferred to the attacker.
In order to prevent all this from happening we recommend using Website Application Firewall and having file integrity monitoring system which alarms us in case of file change or in case of any type of modification made in the files.