Newegg is one of the largest retailers in the US, making $2.65 billion in revenue in 2016.
Newegg is clearing up its website after a month-long data breach.
Hackers injected 15 lines of card-skimming code into the online retailer’s payments page, where it remained for more than a month.
The code siphoned off credit card data from unsuspecting customers to a server controlled by the hackers, which used a similar domain name, likely to avoid detection.
The server even used an HTTPS certificate to blend in.
The code also worked for both desktop and mobile customers, though it’s unclear if mobile customers are affected.
The company has not yet determined which customer accounts may have been affected.
Anyone who entered their credit card data during the period should immediately contact their banks.
Source: https://techcrunch.com/2018/09/19/newegg-credit-card-data-breach/
TPRM report: https://scoringcyber.rankiteo.com/company/newegg-com
"id": "new155301022",
"linkid": "newegg-com",
"type": "Breach",
"date": "09/2018",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'Unknown',
                        'industry': 'E-commerce',
                        'location': 'United States',
                        'name': 'Newegg',
                        'size': 'Large',
                        'type': 'Retailer'}],
 'attack_vector': 'Code Injection',
 'customer_advisories': 'Advised customers to contact their banks',
 'data_breach': {'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Credit Card Data'},
 'description': 'Newegg experienced a month-long data breach where hackers '
                'injected card skimming code on the payments page, siphoning '
                'off credit card data to a server controlled by the hackers.',
 'impact': {'data_compromised': 'Credit Card Data',
            'payment_information_risk': 'High',
            'systems_affected': 'Payment System'},
 'initial_access_broker': {'entry_point': 'Website Payment Page'},
 'motivation': 'Financial Gain',
 'response': {'communication_strategy': 'Advised customers to contact their '
                                        'banks'},
 'title': 'Data Breach at Newegg',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Website Payment Page'}