- Newegg is the latest in line to face a security breach in its online payment system.
- The store’s payments page was used to harvest credit card details for over a month by attackers.
- Attackers infected one of the servers with malware, and it has been removed.
Popular e-commerce platform Newegg has suffered a malware attack which may have compromised credit card information belonging to a large number of users. A credit card skimming malware was injected into Newegg’s payment page and harvested credit card details for over a month. Newegg is one of the most popular websites for computer hardware and accessories and caters to a large number of users from across the globe. With around 50 million visits a month, the extent of the credit card data breach could be one of the largest ever seen.
The computer hardware store made an official announcement via Twitter. Newegg is currently investigating to determine how much info was obtained by attackers. Customers who have been potentially impacted are being sent emails through the e-commerce website. Newegg has requested all users to check their emails to find out if they may have been affected.
Yesterday we learned one of our servers had been injected with malware which was identified and removed from our site. We’re conducting extensive research to determine exactly what info was obtained and are sending emails to customers potentially impacted. Please check your email
— Newegg (@Newegg) September 19, 2018
The attackers allegedly used the Magecart exploit, which was also used recently to perform a similar credit card theft that has affected approximately 380,000 British Airways customers. The malware contains only 15 lines of code, and it has already been removed to secure the website. Users who made purchases on Newegg between August 14 and September 18 need to be on high alert and keep an eye out for any suspicious transactions in their credit card statements.