GameStop said last week that it's investigating a potential security breach on its website involving customer data and credit cards. The hacks reportedly took place between September 2016 and February of this year. The breach could include credit card numbers, expiration dates, names, addresses and three-digit card verification numbers.
"GameStop recently received notification from a third party that it believed payment card data from cards used on the Gamestop.com website was being offered for sale on a website," a company spokesperson wrote in an email to Fortune. "That day a leading security firm was engaged to investigate these claims. GameStop has and will continue to work nonstop to address this report and take appropriate measures to eradicate any issue that may be identified."
Total Retail's Take: A potential data breach is just more bad news for the struggling retailer, which announced last month that it’s shuttering at least 150 store locations as it shifts its focus away from video game hardware and software and toward categories like technology and collectibles. GameStop is taking all the appropriate measures to eradicate the potential security problem. In the statement referenced above, GameStop also reminded its customers that it's always advisable to monitor payment card account statements for unauthorized charges. “If you identify such a charge, report it immediately to the bank that issued the card because payment card network rules generally state that cardholders aren't responsible for unauthorized charges that are timely reported,” the company said.