Many Newegg customers reportedly had their credit card information exposed in a breach that researchers are attributing to the Magecart group.
The payment page for the electronic and computer retailer remained breached for more than a month, from August 14 until September 18, according to security researchers.
On Wednesday, security firms RiskIQ and Volexity released reports on their joint investigation into the breach, asserting that the methods used resemble those of Magecart, which was behind the Ticketmaster breach in June and was likely behind the recent British Airways hack, according to an investigation from RiskIQ.
The 15-line card-skimming code hackers used on the Newegg payment page was almost identical to the code used in the other two major attacks, according to RiskIQ.
“The breach of Newegg shows the true extent of Magecart operators’ reach,” RiskIQ threat researcher Yonathan Klijnsma told TechCrunch. “These attacks are not confined to certain geolocations or specific industries — any organisation that processes payments online is a target.”
Newegg did not respond to a Gizmodo request for comment. TechCrunch reports Newegg chief executive Danny Lee sent an email to Newegg customers stating the company has “not yet determined which customer accounts may have been affected”.
The RiskIQ report states that “we can assume this attack claimed a massive number of victims” because of how long the payment page was being skimmed.
RiskIQ encouraged banks to reissue any cards used for Newegg transactions over the last few weeks.
[RiskIQ, Volexity, TechCrunch]