Again fallen victim through the weaknesses of PHP driven CMS, in this case Magenta,
reported by Dutch researcher, Willem de G.: https://labs.sansec.io/2019/04/24/atlanta-hawks-magecart/
Atlanta Hawks say the malicious code has now been removed, but Wiilem de G. is doubtful:
https://twitter.com/gwillem/status/1120985161951318016
See also https://www.magereport.com/scan/?s=https://hawksshop.com/ with still many non-patched or mitigated issues.
About the enormous threat of formjacking posed to websites, read:
https://www.security.nl/posting/598734/Symantec%3A+duizenden+webwinkels+getroffen+door+formjacking
A spam hack still seems there: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=aHx3a3NzaF1wLl5dbQ%3D%3D~enc
polonus