An unknown number of victims have been hit by a credit card breach at Newegg
Malicious code was inserted into the website to skim credit card info.
Newegg is dealing with a month-long data breach that affected its website. Between Aug. 14 and Sept. 18, code planted by hackers siphoned off credit card data. It’s not known how many customers have been affected by the breach, according to TechCrunch.
According to Yonathan Klijnsma, a threat researcher at RiskIQ, the code sent credit card data to a server controlled by the hackers with a similar domain name. The code also worked for both desktop and mobile customers, although it’s unclear if mobile customers are affected.
The full extent of the breach is still unknown
Klijnsma says the incident was “another well-disguised attack” and looks similar to the recent British Airways credit card breach. RiskIQ believes the Magecart group is to blame for this latest hack.
“The breach of Newegg shows the true extent of Magecart operators’ reach,” said Klijnsma. “These attacks are not confined to certain geolocations or specific industries—any organization that processes payments online is a target.”
What is Newegg?
Considered one of the largest retailers in the U.S., Newegg made $2.65 billion in revenue in 2016. The company has 45 million monthly unique visitors.
Newegg has not yet commented on this breach, and its website offers no mention of the issue.
If you purchased an item through Newegg in the last month, your best bet is to call your bank. It can confirm your account status and issue new credit cards.
No doubt, these type of hacks have now become commonplace. Unfortunately, it seems like the hackers are winning. They always seem to be one step ahead of researchers and law enforcement.
Do you have any suggestions on what can be done? Leave your comments below.
- Apple basically just admitted new iPad Pro tablets are launching sooner rather than later
- 5 graphical downgrades that put Marvel’s Spider-Man and #Puddlegate to shame
- The YouTube Gaming app was a bust so the company is moving the features back to the main site