For years the eCommerce side of business has grown and with that the functionality and services made available through them. Websites have been heavily relying on ads, analytics, and all kinds of other services in a huge growth of expanding our capabilities and knowledge in this space. External suppliers have also always been a part of this growth where contextual ads, analytics or a live chat service are outsourced. While traditional supply chains have always been under high scrutiny the web equivalent of the supply-chain hasn’t, not at all. In 2018 we disclosed a multitude of supply-chain attacks on the web when we disclosed the Ticketmaster breach as well as many others. Let's take this a step further and see how these attacks play out, how they start, how they impact the organizations using these supply-chains as well as the fairly limited insights organizations have during these events.