A Newegg data breach was reported on Wednesday as the credit card information of some of its customers was stolen by cybercriminals.
Here are seven things to know about the crime:
- The Newegg data breach has pushed the company to clear its website following a breach that reportedly took place between August 14 and September 14.
- The move saw hackers inject 15 lines of card skimming code on the company’s online payments page.
- The cybercrime saw hackers use the code to steal credit card data from customers through a server that cybercriminals controlled with a similar domain name to the online retailer in order to conduct their actions without being detected. The site even had an HTTPS certificate to make it appear secure.
- The Newegg data breach was discovered by Yonathan Klijsnma, who is a threat researcher at RiskIQ.
- The code used by hackers affected both desktop and mobile customers, although the company has yet to reveal whether or not mobile customers were affected.
- Newegg said that it had removed the code on Tuesday after being contacted by Volexity, which is an incident response firm that first discovered the malware.
- The company is one of the biggest retailers in the country as it raked in $2.65 billion in revenue in 2016 and it has more than 45 million monthly unique visitors. However, it is unclear how many of these customers were affected by the Newegg data breach.