Newegg users’ credit card info was exposed to hackers for a month
September 19, 2018
Hardware retailer Newegg suffered a month-long data breach that exposed users’ credit card information to the same hackers who targeted British Airways and Ticketmaster UK earlier this year. The exact scope of the attack is still unknown as the company just discovered the breach yesterday and began taking action.
Newegg sees about 50 million monthly visitors and has a business valued at $2.65 billion. Threat management firm RiskIQ, which uncovered the breach alongside cybersecurity firm Volexity, says, “We can assume this attack claimed a massive number of victims,” although the numbers are still being investigated.
Hackers injected 15 lines of code into Newegg’s payments webpage, which is accessible through both mobile and desktop, and the code stayed on the page from August 14th to September 18th. The script, placed on the final checkout page, would skim credit card info. The skimmed credit card data was then sent to a server with a similar-looking domain name and an HTTPS certificate, both of which were actually controlled by the hackers.
Magecart is the same criminal group behind all three data breaches, according to threat management firm RiskIQ. The attacks follow a similar pattern. Magecart tends to ignore company databases or servers and instead targets customers’ personal data by injecting scripts on payment platforms.
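One defender-side check that this pattern calls for: compare the checkout page's inline scripts against a known-good baseline, and flag any script source or embedded URL whose host is outside an allowlist (as a lookalike domain would be). This is an added example, not code from the article, Newegg or RiskIQ; the allowlisted hosts, the baseline script, the injected sample page and the `example-payment.net` lookalike are all constructed placeholders.

```python
import hashlib, re
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed allowlist: hosts the checkout page may load scripts from or reference.
ALLOWED_HOSTS = {"checkout.example.com", "static.example.com"}
URL_RE = re.compile(r"https?://[^\s'\"<>()]+")
class ScriptCollector(HTMLParser):
    # Collects external <script src> URLs and the bodies of inline <script> blocks.
    def __init__(self):
        super().__init__()
        self.external, self.inline, self._in_script = [], [], False
    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script" and src:
            self.external.append(src)
        elif tag == "script":
            self._in_script = True
            self.inline.append("")
    def handle_data(self, data):
        if self._in_script:
            self.inline[-1] += data
    def handle_endtag(self, tag):
        self._in_script = self._in_script and tag != "script"
def sha256(text):
    return hashlib.sha256(text.strip().encode()).hexdigest()
def audit_checkout_page(html, baseline_hashes):
    # Findings: inline scripts missing from the baseline (a fresh injection) and any
    # script src or embedded URL whose host is off the allowlist (a lookalike domain).
    p = ScriptCollector()
    p.feed(html)
    findings = []
    for body in p.inline:
        h = sha256(body)
        if h not in baseline_hashes:
            findings.append(("unknown-inline-script", h[:12]))
        for host in (urlparse(u).hostname for u in URL_RE.findall(body)):
            if host not in ALLOWED_HOSTS:
                findings.append(("unexpected-host", host))
    for host in (urlparse(s).hostname for s in p.external):
        if host and host not in ALLOWED_HOSTS:  # relative src has no host: same-origin
            findings.append(("unexpected-host", host))
    return findings
# Constructed sample: the known-good inline script, and a page where one extra inline
# script referencing an off-allowlist (lookalike) host has appeared.
GOOD_SCRIPT = "window.checkout = {step: 'payment'};"
BASELINE = {sha256(GOOD_SCRIPT)}
INJECTED_PAGE = ('<script src="https://static.example.com/checkout.js"></script>'
                 '<script>' + GOOD_SCRIPT + '</script>'
                 "<script>var beacon = 'https://example-payment.net/';</script>")
```

Running `audit_checkout_page(INJECTED_PAGE, BASELINE)` reports one unknown inline script and one unexpected host; a page carrying only the baseline script reports nothing.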
Newegg is based in California, unlike the first two targets, Ticketmaster UK and British Airways, which are both located in the UK. The cyberattacks, as RiskIQ points out, clearly know no geographic boundaries. “As we built the narrative, it’s becoming clear to the industry that these simple yet clever attacks are not only devastating, they’re becoming more and more prevalent. Newegg is just the latest victim,” says RiskIQ on its site.
Newegg today sent emails to customers who made purchases during the one-month period, and it plans to post an FAQ on its site by Friday. Users who made purchases during the past month should keep an eye on their bank accounts for suspicious activity. We’ve reached out to Newegg for comment.