It is worth noting that this version entered its end-of-life phase on 30 June 2019 and didn’t receive any new security updates for the past 12 months. A majority of the compromised stores were running on the 1.x version of Magento online store software.
Read full article on HackRead