OXO compromise was a MageCart attack
https://www.bleepingcomputer.com/news/security/oxo-breach-involved-magecart-attack-that-targeted-customer-data/
United States based kitchen utensil manufacturer OXO International disclosed a data breach that spans numerous periods over two years. This breach notification states that customer and payment information may have been exposed and further research by BleepingComputer indicates this was most likely a MageCart attack.
In a data breach notification filed with California, OXO International has stated that between June 9, 2017 – November 28, 2017, June 8, 2018 – June 9, 2018, and July 20, 2018 – October 16, 2018 their servers were compromised in order to try and steal customer's customer and payment information.