Card info entered between August 14 and September 18 is potentially compromised.
Newegg, the popular online electronics retailer, announced on September 19 that it’d fallen victim to a security breach that compromised credit card information for an unknown number of customers. Details on the breach are still developing, but in the meantime, here’s what we know.
On August 14, 2018, hacker group Magecart entered 15 lines of code into Newegg’s website that acted as a credit card skimmer.
When customers entered their card details at Newegg’s checkout page, the malicious code grabbed the payment info and sent it to a domain name owned by Magecart.
Newegg shut down the code on September 18, meaning it was grabbing customer’s financial information for nearly a month.
At this time, we currently don’t know how many people were affected by this attack. Newegg serves around 50 million customers every single month, but it’s unclear if all buyers had their info stolen or only people that were entering card info for the first time.
Newegg will be publishing an FAQ with more information on September 21, and we’ll update this article accordingly once we know more.
What can I do to stay safe?
Until we learn more, your best bet is to keep an eye on your bank/credit card statements to make sure no unusual activity is taking place. Once we have a better understanding of which customers had their info stolen, you may need to deactivate your card and get a new one.
September 20, 2018 at 05:54AM