On Wednesday, security firms RiskIQ and Volexity released reports on their joint investigation into the breach, asserting that the methods used resemble those of Magecart, which was behind the Ticketmaster breach in June and was likely behind the recent British Airways hack, according to an investigation from RiskIQ.
The 15-line card-skimming code hackers used on the Newegg payment page was almost identical to the code used in the other two major attacks, according to RiskIQ.
“The breach of Newegg shows the true extent of Magecart operators’ reach,” RiskIQ threat researcher Yonathan Klijnsma told TechCrunch. “These attacks are not confined to certain geolocations or specific industries—any organization that processes payments online is a target.
Newegg did not respond to a Gizmodo request for comment. TechCrunch reports Newegg chief executive Danny Lee sent an email to Newegg customers stating the company has “not yet determined which customer accounts may have been affected.”
The RiskIQ report states, “we can assume this attack claimed a massive number of victims,” because of how long the payment page was being skimmed.
RiskIQ encouraged banks to reissue any cards used for Newegg transactions over the last few weeks.
Data Breach 2018, Data Breach Articles, Data Breach Cases, Data Breach Effects, Data Breach Email, Data Breach Protection, Data Breach Reporting, Data Breach Search, Data Breach Today, Data Breach Today News, Data Breach United States, Data Breach What To Do