Malware Discovered in NewEgg Skimming Credit Card Info

Credit Card Info Stolen

As one of the largest PC hardware online retailer on the planet, millions of transactions go through NewEgg‘s website every month. In fact, they have 45 million unique monthly visitors and had a $2.65 billion revenue in 2016. Which is why the latest data breach of their servers should be a cause for alarm to any PC builder.

The attack involves 15 lines of code which skim payment information from customers. The period is believed to be between August 14 and September 18, according to RiskIQ who discovered the attack.

Around August 14th, the attackers placed the skimmer code on Newegg’s website. They even manage to integrate it into the checkout process and disguised it well. The skimmer code is on the payment processing page itself, not just in a script. So this means it would not show unless the payment page was hit.

What Should I Do As a Consumer?

If you purchased anything from NewEgg between that period, you should contact your bank immediately. The company is sending out warning e-mail to their customers. However, if you used their services and did not receive an e-mail, you should still go to the proper steps of securing your credit card account.

Review any purchases that may look out of place and report it if there are any. Also, further security measures need to be in place, as well as requesting a new credit card is necessary.