Newegg Website Was Infiltrated By Hackers For Nearly A Month, Customer Financial Data Stolen
Even though Newegg is one of the most popular destinations for enthusiasts looking to score the latest and greatest hardware for the gaming rigs, the retail giant is not immune to the nefarious actions of the hacker community. To that end, Newegg's website was hacked, and the parties responsible were able to inject 15 lines of credit card skimming code into the retailer's payments page. That code hid there, undetected, from August 14 through September 18 meaning if you made a purchase there between those dates, you need to be concerned.
News of the attack comes from Yonathan Klijnsma, a threat researcher from RiskIQ. The injected code was able to steal credit card data from customers and sent that data to a server that was controlled by the hackers using a similar domain name. An HTTPS certificate was used with the nefarious server so that shoppers would be none the wiser.
The nefarious injected code worked on both the desktop and mobile versions of the Newegg website, but it's not clear now if mobile transactions were affected. Newegg removed the code yesterday after being contacted by a company called Volexity, the incident response firm that discovered the malicious code. It's easy to think of Newegg as a smaller online retailer, but it is massive, and this hack has significant reach. Newegg did $2.65 billion in revenue in 2016 and had more than 45 million monthly unique visitors.
No details on exactly how many transactions were made during the time the malicious code was live have been offered. Newegg has confirmed to its customers via email that it doesn’t know how many accounts were affected. The attack is being attributed to the Magecart group, a collective of hackers that carry out attacks against websites. The code used in the Newegg breach is reportedly very similar to the code used in the British Airways credit card breach and a similar Ticketmaster breach.