Newegg suffered data breach for one month

No primary category set

Marketplace Newegg has reportedly been the victim of a data breach that persisted for one month before it was revealed and remedied. Apparently 15 lines of card skimming code were installed on the website’s payments page and were operational between August 14th and September 18th. The vulnerability was detected and reported by Volexity and you can read their full report here.

Newegg has emailed customers to inform them of the problem but hasn’t made a statement. It is currently unknown what the scale of the data breach is, how many users were impacted or precisely what personal data might have been purloined. Users were taken to a similar domain where payments details may have been entered, suggesting that buyers rather than merchants were the most likely victims.

RiskIQ has said it believes the Newegg data breach is the work of the Magecart group. They’re a group of hackers that carry out targeted attacks against vulnerable websites. They have previously used near-identical code to gather payments information:

The breach of Newegg shows the true extent of Magecart operators’ reach. These attacks are not confined to certain geolocations or specific industries — any organization that processes payments online is a target.
– Yonathan Klijnsma, researcher, RiskIQ

Newegg is one of the largest retailers in the US, as well as offering a marketplace platform to merchants. It generated $2.65 billion in revenue in 2016 and claims to have more than 45 million monthly unique visitors.

Reports such as this reiterate two often forgotten aspects of online trading. Firstly, even big and reputable organisations can be the victims of a data breach and that can dent consumer confidence in buying online. And, despite there being many different types of protection, there is still a need to be vigilant when paying online.

Let us know if you have been impacted by the problem. Doubtless, we’ll find out more about the incident in the coming weeks.

RELATED POSTS..

Where's Wally Etsy 2024 Christmas Ad

Where’s Wally Etsy 2024 Christmas Ad

TikTok for Good Launchpad UK

TikTok for Good Launchpad UK

Amazon 2024 Christmas ad - What the World Needs Now Is Love

Amazon’s 2024 Christmas ad – What the World Needs Now Is Love

Ofcom Post Monitoring report

Ofcom Post Monitoring report

ChannelX 2024 Podcast – Selling across 20 channels

ChannelX 2024 Podcast – Selling across 20 channels

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Latest

Take a look through a selection of the latest articles on ChannelX

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars