Newegg Experiences Credit Card Data Breach
Newegg, a popular online electronics retailer, experienced a credit card skimming data breach between August 14 and September 18, 2018. The breach affected both desktop and mobile users.
RiskIQ created a detailed report of the breach in collaboration with Volexity. According to the report, a hacking group known as Magecart created a website on August 13 to collect credit card information from Newegg shoppers. On August 14th, they incorporated a code into the payment processing page of Newegg’s checkout system that would siphon those credit card details to the other website.
Newegg has since removed the code, but customers are encouraged to contact their bank if they placed an order during those dates.
Magecart was also responsible for attacks on Ticketmaster and British Airways. In fact, the basecode used for the Newegg breach was the same as the one used for British Airways.
Newegg receives more than 50 million monthly visitors. Currently, there is no information indicating how many customers or transactions were affected by the breach, but there could be widespread impact.