Skip to Content
Security & privacy

Retail giant investigating massive credit card breach

It seems like your credit card information is at risk of theft no matter where you shop. To make matters worse, cybercriminals are getting more brazen; we’ve reported major data breaches recently at retailers, hotels and even hospitals.

And now, another cyberattack proves it can take months before evidence of credit card theft surfaces.

The latest data breach

On Friday, Krebs on Security reported a possible breach at video-game retailer GameStop. The breach may have allowed thieves to steal customer data and credit card information.

“GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website,” a GameStop spokesman wrote in response to the initial report.

Krebs on Security notified GameStop of the breach after two sources reportedly received alerts from their credit card processors.

“That day, a leading security firm was engaged to investigate these claims. GameStop […] will continue to work nonstop to address this report and take appropriate measures to eradicate any issue that may be identified,” the company spokesman continued.

Who’s affected — and who’s not

The reports say the intrusion affects shoppers at GameStop.com from mid-September 2016 to the first week of February 2017. Compromised data may include customers’ names, addresses, credit card numbers, expiration dates and three-digit security codes (CVV2).

GameStop hasn’t confirmed the timeline of the hacks, but it urges its customers to be proactive.

“We regret any concern this situation may cause for our customers,” Game Stop said in its statement. “GameStop would like to remind its customers that it is always advisable to monitor payment card account statements for unauthorized charges. If you identify such a charge, report it immediately to the bank that issued the card.”

Steps to protect yourself

If you’ve shopped from GameStop’s website anytime over the past few months, here are additional measures you should take:

  • Keep an eye on your bank accounts — Check your bank statements frequently for suspicious activity. If anything seems strange, report it immediately.
  • Change your passwords — Generally, you should do this whenever you hear about a data breach. Read this to help you create hackproof passwords.
  • Beware of phishing scams — Scammers will try to piggyback on highly reported cybercrime. Often, they’ll create phishing emails in the hopes of convincing victims to click malicious links. Take our phishing IQ test to see if you can spot a fake email.
  • Manage passwords — Many people use the same username and password on multiple sites. This is a terrible practice. If you’re using doing this, change your passwords ASAP to make them unique. If you have too many accounts to remember, try using a password manager.
  • Have strong security software — Protecting your gadgets with strong security software is the best defense against digital threats.

Refer friends, earn rewards!

Why not share your source of digital lifestyle news, tips and advice with others? When your friends and family subscribe to Kim's free newsletters, you earn points toward awesome rewards!

Get rewarded