Newegg Victim of Data Breach
Electronics retailer Newegg is reportedly the victim of a data breach that lasted a month. RiskIQ Threat Researcher Yonathan Klijnsma found that hackers installed 15 lines of card skimming code on Newegg’s payments page, which stayed on the site from Aug. 14 through Sept. 18. The hackers sent credit card data to a service controlled by them, noted the report. The code was removed by the site after being alerted by Volexity, an incident response firm.In an email to customers, Newegg CEO Danny Lee said the company hasn’t determined the customer accounts that were impacted by the breach.
“The breach of Newegg shows the true extent of Magecart operators’ reach,” said Klijnsma in the report. “These attacks are not confined to certain geolocations or specific industries — any organization that processes payments online is a target.”
Total Retail's Take: Newegg isn’t the first retailer to fall victim to a data breach. In fact, they're becoming all too familiar for retailers. In June, Macy's detected suspicious logins on its website, prompting the retailer to warn customers about a data breach that was perpetrated by a third party. And this past summer, Adidas warned millions of U.S. customers about a similar data breach that took place on its website. Bottom line: data security is something to be taken seriously. The resulting loss of customer trust has long-lasting and far-reaching ramifications for retail data breach victims.