Jump to content
Login new information ×
Login new information

Newegg Data Breach Left Customer Credit Cards Exposed For a Month, Security Researchers Say

steven36

By steven36
in Security & Privacy News

Recommended Posts

steven36

steven36

Posted
Posted

Many Newegg customers reportedly had their credit card information exposed in a breach that researchers are attributing to the Magecart group.

 

https://s7d4.turboimg.net/sp/dc2ba97a1402d64d79ee5955cc952cd5/newegg-data-breach-credit-card-hacking.jpg

 

The payment page for the electronic and computer retailer remained breached for more than a month, from August 14 until September 18, according to security researchers.

 

On Wednesday, security firms RiskIQ and Volexity released reports on their joint investigation into the breach, asserting that the methods used resemble those of Magecart, which was behind the Ticketmaster breach in June and was likely behind the recent British Airways hack, according to an investigation from RiskIQ.

 

The 15-line card-skimming code hackers used on the Newegg payment page was almost identical to the code used in the other two major attacks, according to RiskIQ.

 

“The breach of Newegg shows the true extent of Magecart operators’ reach,” RiskIQ threat researcher Yonathan Klijnsma told TechCrunch. “These attacks are not confined to certain geolocations or specific industries—any organization that processes payments online is a target.

 

Newegg did not respond to a Gizmodo request for comment. TechCrunch reports Newegg chief executive Danny Lee sent an email to Newegg customers stating the company has “not yet determined which customer accounts may have been affected.”

 

The RiskIQ report states, “we can assume this attack claimed a massive number of victims,” because of how long the payment page was being skimmed.

 

RiskIQ encouraged banks to reissue any cards used for Newegg transactions over the last few weeks.

 

Source

Link to comment
Share on other sites
  • Replies 1
  • Views 463
  • Created
  • Last Reply
Matrix

Matrix

Posted
Posted

According to cybersecurity solutions and services firm Volexity, malicious JavaScript was added to Newegg in mid-August. It appeared when moving to the billing information page during checkout where it siphoned off credit card data before sending it to the attackers over SSL / TLS via the domain neweggstats.com.

It’s unclear exactly how many victims were hit although considering Newegg generated $2.65 billion in revenue in 2016 and has more than 50 million visitors a month, the figure is probably pretty large.

The code used in the Newegg attack is functionally very similar to what was used against British Airways albeit more streamlined. Whereas the British Airways attack utilized 22 lines of code, the Newegg attack was carried out using just eight lines of code (or 15 if the code was “beautified”).

here

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...