Newegg, one of the US' largest retailers, has been leaking credit card information to hackers for a month now, security researchers reported this Wednesday.
According to the report, a hacking group injected 15 lines of code into Newegg's payments page to skim credit card data. The code was injected on August 14, and was discovered and removed around September 18. The malicious code was discovered by security researchers from RiskIQ.
The researchers believe the group behind these attacks is Magecart. If that name rings a bell, it's probably because they are also accused of being the masterminds behind the British Airways hack, as well as the Ticketmaster hack.
RiskIQ is attributing the attack to Magecart because it looks almost identical.
“The breach of Newegg shows the true extent of Magecart operators’ reach,” Yonathan Klijnsma, a threat researcher at RiskIQ told Tech Crunch. “These attacks are not confined to certain geolocations or specific industries—any organization that processes payments online is a target.”
The hackers did their best to integrate with the system and blend in as much as possible, to avoid detection. With that in mind, it was said that the server who was on the receiving end of the credit card data had a domain name similar to Newegg's. The server even used an HTTPS certificate.
If you used Newegg in this time period, it would be smart to contact your bank immediately, look for unknown transactions and, possibly, get that card disabled.
Image Credit: A. and I. Kruk / Shutterstock