Newegg suffered data breach for one month

No primary category set

Marketplace Newegg has reportedly been the victim of a data breach that persisted for one month before it was revealed and remedied. Apparently 15 lines of card skimming code were installed on the website’s payments page and were operational between August 14th and September 18th. The vulnerability was detected and reported by Volexity and you can read their full report here.

Newegg has emailed customers to inform them of the problem but hasn’t made a statement. It is currently unknown what the scale of the data breach is, how many users were impacted or precisely what personal data might have been purloined. Users were taken to a similar domain where payments details may have been entered, suggesting that buyers rather than merchants were the most likely victims.

RiskIQ has said it believes the Newegg data breach is the work of the Magecart group. They’re a group of hackers that carry out targeted attacks against vulnerable websites. They have previously used near-identical code to gather payments information:

The breach of Newegg shows the true extent of Magecart operators’ reach. These attacks are not confined to certain geolocations or specific industries — any organization that processes payments online is a target.
– Yonathan Klijnsma, researcher, RiskIQ

Newegg is one of the largest retailers in the US, as well as offering a marketplace platform to merchants. It generated $2.65 billion in revenue in 2016 and claims to have more than 45 million monthly unique visitors.

Reports such as this reiterate two often forgotten aspects of online trading. Firstly, even big and reputable organisations can be the victims of a data breach and that can dent consumer confidence in buying online. And, despite there being many different types of protection, there is still a need to be vigilant when paying online.

Let us know if you have been impacted by the problem. Doubtless, we’ll find out more about the incident in the coming weeks.

RELATED POSTS..

Waiting to fail - Slow finance harms online retailers Get early access to credit with multifi

Waiting to fail – Slow finance harms online retailers. Get early access to credit with multifi

How Suri grew to £10m in two years staying true to their sustainable credentials

How Suri grew to £10m in two years staying true to their sustainable credentials

Yodel Doubles North West Capacity with New Huyton Depot

Yodel Doubles North West Capacity with New Huyton Depot

How to reach international buyers with B2B Ecommerce

How to reach international buyers with B2B Ecommerce

Royal Mail announces nationwide locker service with Quadient

Royal Mail announces nationwide locker service with Quadient

ChannelX Guide...

Featured in this article from the ChannelX Guide – companies that can help you grow and manage your business.

Register for Newsletter

Receive 5 newsletters per week

Gain access to all research

Be notified of upcoming events and webinars