Uh oh, this is becoming a common saying nowadays — “Another day, another data breach.” Hacks and compromised point-of-sales, both offline and online, seem to occur at a regular basis. We simply don’t know where the next attack will occur.
Have you been hacked recently? Here are fifteen high profile data breaches that were revealed this past year.
This time, one of the biggest online shopping sites has been hacked. If you shopped here recently, you should definitely contact your credit card provider and cancel it immediately.
Read on and find out if you are affected by the latest high-profile data breach.
Newegg has been cracked
Two computer security firms revealed Wednesday that online computer shopping giant Newegg suffered a month-long data breach and hackers may have poached credit card data from its customers.
Security firms RiskIQ and Volexity confirmed that hackers injected 15 lines of credit card skimming code on Newegg’s payment page.
Fun fact: Newegg is one of the largest online retailers in the world, specializing in computers, electronics and tech gear. According to the company, around 45 million unique visitors browse its site each month.
The skimming code remained on the site for more than a month, between Aug. 14 and Sept. 18 and whisked away credit card data to a server controlled by the hackers.
To evade detection, the server even used a valid security certificate to fool Newegg’s customers. Additionally, the hackers registered a domain called neweggstats.com to blend in with Newegg’s legitimate domains.
Newegg scrambled to delete the skimming code from its site on Tuesday after Volexity informed them of the breach.
It’s still not known how many Newegg customers were compromised but if you shopped there and entered your credit card details on the site between Aug. 14 and Sept. 18, you should expect the worst and assume that hackers have your information.
Even we here at the Kim Komando Show may be affected because our company sometimes purchases gear from Newegg.
Related to other recent hacks
RiskQ’s researcher Yonathan Klijnsma wrote in a blog post that the Newegg breach is directly related to other high-profile data breaches — the British Airways hack from earlier this month and the Ticketmaster breach discovered back in June.
Klijnsma wrote that the same threat actor is behind all of these well-disguised attacks, a hacking group known as MageCart.
“The breach of Newegg shows the true extent of MageCart operators’ reach. These attacks are not confined to certain geolocations or specific industries — any organization that processes payments online is a target,” Klijnsma explained.
The elements of the British Airways attacks were all present in the attack on Newegg: they integrated with the victim’s payment system and blended with the infrastructure, staying there as long as possible.”
Whenever a major data breach like this occurs, there are standard security steps that we should all take.
First, you should already be frequently checking your bank statements, looking for suspicious activity. If you see anything that seems strange, report it immediately to your bank. It’s the best way to keep your financial accounts safe.
As I said, although it’s still unclear how many Newegg customers are affected, if you shopped there and entered your credit card details on the site between Aug. 14 and Sept. 18, you should cancel your credit card as soon as possible.
Scammers will try to piggyback on data breaches like this. Beware of phishing scams that pretend to be from affected companies like banks, credit bureaus, credit card companies and even Newegg itself.
It’s also a good time to audit your online accounts and passwords. This is especially true if you use the same credentials for multiple websites.
Lastly, if you think you are already compromised, put a credit freeze on your accounts as soon as you can.