Slashdot Mirror


Hackers Stole Customer Credit Cards in Newegg Data Breach (techcrunch.com)

Newegg is clearing up its website after a month-long data breach. TechCrunch: Hackers injected 15 lines of card skimming code on the online retailer's payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. The code siphoned off credit card data from unsuspecting customers to a server controlled by the hackers with a similar domain name -- likely to avoid detection. The server even used an HTTPS certificate to blend in. The code also worked for both desktop and mobile customers -- though it's unclear if mobile customers are affected.

The online electronics retailer removed the code on Tuesday after it was contacted by incident response firm Volexity, which first discovered the card skimming malware and reported its findings. Newegg is one of the largest retailers in the US, making $2.65 billion in revenue in 2016. The company touts more than 45 million monthly unique visitors, but it's not known precisely how many customers completed transactions during the period.
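The summary above says the skimmer sent card data to an attacker-controlled server on a similar-looking domain. As an added example (not code from the RiskIQ or Volexity reports, or from Newegg), this Node.js check lists every host a payment page references that is not on an allowlist and marks the ones that resemble the site's own name. The domains, allowlist and sample page are constructed for illustration.

```javascript
// Added example: site name, allowlist and page content are constructed.
const SITE = "acmeparts.example";                 // assumed first-party domain
const BRAND = SITE.split(".")[0];                 // "acmeparts"
const ALLOWED = new Set(["secure.acmeparts.example", "cdn.acmeparts.example"]);

// Levenshtein edit distance, single-row dynamic programming.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const up = row[j];
      row[j] = Math.min(up + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = up;
    }
  }
  return row[b.length];
}

// Collect every absolute URL host in the page (script src, form action,
// URLs inside inline scripts) and report the ones not on the allowlist.
function auditPage(html) {
  const hosts = new Set(
    [...html.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)].map((m) => m[1].toLowerCase())
  );
  const findings = [];
  for (const host of hosts) {
    if (ALLOWED.has(host)) continue;
    const firstParty = host === SITE || host.endsWith("." + SITE);
    // Look-alike: a label embeds the brand or is within two edits of it.
    const lookalike = !firstParty &&
      host.split(".").some((l) => l.includes(BRAND) || editDistance(l, BRAND) <= 2);
    findings.push({ host, lookalike });
  }
  return findings;
}

// Constructed checkout page: two expected hosts, one unlisted vendor,
// and one unlisted host whose name imitates the site.
const SAMPLE_PAGE = `
<form action="https://secure.acmeparts.example/checkout/pay" method="post"></form>
<script src="https://cdn.acmeparts.example/js/checkout.js"></script>
<script src="https://widgets.vendor.example/chat.js"></script>
<script>var endpoint = "https://acmeparts-metrics.example/collect";</script>`;

console.log(auditPage(SAMPLE_PAGE));
```

Run on a schedule against the rendered payment page, a check like this turns a new look-alike host into an alert within one scan interval. A Content-Security-Policy built from the same allowlist blocks the request in the browser.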

14 of 149 comments

  1. guess they have egg on their faces by Anonymous Coward · · Score: 2, Funny

    lol

  2. My current rating for NewEgg is... by nwaack · · Score: 2

    ...one gold egg. Seriously, it was there for A MONTH and nobody noticed? Might be time to switch to a different site for my computer parts.

    1. Re:My current rating for NewEgg is... by EvilSS · · Score: 2

      Newegg hasn't been the same since they got bought out a couple years ago. Shame really.

      --
      I browse on +1 so AC's need not respond, I won't see it.
    2. Re:My current rating for NewEgg is... by Anonymous Coward · · Score: 4, Informative

      Was that when they stopped being price competitive with freaking brick and mortar mom and pop stores? Or when they started cleverly listing junk from seedy third parties?

      NewEgg turned to shit long ago, and has been sliding further ever since.

    3. Re:My current rating for NewEgg is... by jwhyche · · Score: 3

      Now they are trying to be like Amazon and sell anything and everything. Newegg used to be my 'go to' place for computer parts, but now I do more shopping around. I liked it better when Newegg was a computer part store. But the recommendation AI was a source of entertainment when they changed. "Hey we see you just bought 4, 3TB HD for a nas, wouldn't you like to buy this chain saw to go with it?"

      Back on topic. This kind of explains the porn ransomware email I got a few weeks back. I changed my phone number to my new number on Newegg and less than 24 hours later I got a scam email saying they had videos of me watching porn on my phone. And unless I coughed up a bucket of shekels they were going to send it to everyone on my contact list. Newegg was the only place that had my email address and new phone number. The new phone number was listed in the email.

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
    4. Re:My current rating for NewEgg is... by jwhyche · · Score: 2

      They said it was good porn, that "i have really good tastes." I would like to know what I was watching too. I let everyone on my contact list let me know when the blackmail video shows up. So far it has been 2 weeks. Still waiting.

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
  3. Thank you HTTPS zealots by Lije+Baley · · Score: 2, Funny

    I sleep better knowing that HTTPS has made us all safe from teh hax0rs.

    --
    Strange things are afoot at the Circle-K.
    1. Re:Thank you HTTPS zealots by willaien · · Score: 2

      HTTPS did its job. There was no interception of data between the server and the client. Can't do shit if the server is compromised.

    2. Re:Thank you HTTPS zealots by QuietLagoon · · Score: 2

      I sleep better knowing that HTTPS has made us all safe from teh hax0rs.

      If that is what you think the purpose of https is, then you really should not be sleeping better, you should be learning more about https.

  4. What's to stop it from happening again? by mark-t · · Score: 4, Interesting

    The real breach is in that the attackers were somehow able to change the web page content to achieve this end. Do they know how the attackers accomplished this? If not, what's to stop it from reoccurring, even if not by the same people, when someone else figures it out?

  5. Links to RiskIQ and Volexity reports by bosef1 · · Score: 3, Informative

    Here are the links to the original RiskIQ and Volexity reports on the breach.

    RiskIQ: https://www.riskiq.com/blog/la...

    Volexity: https://www.volexity.com/blog/...

    Their conclusion is basically to get a new credit card number if you transacted with Newegg from 13 Aug through 18 Sep 2018.

  6. Re:I'm laughing so hard my sides ache by jwhyche · · Score: 2

    You have to forgive Rick. I'm not sure he understands how the modern economy works. Even Farmer Brown down at my local farmers market takes plastic. Just slides it through his iPhone and we are good. I think he can take Samsung and Apple Pay too.

    --
    I read at +2. If your post doesn't reach that level I will not see or respond to it.
  7. Newegg press release? by wellard1981 · · Score: 2

    And when was Newegg going to inform their customers about this? Strange that we had to find out about this from a 3rd party news source. Does this only impact Newegg US, or are other countries where Newegg does business affected too?

  8. Re:bad company, expected outcome. by jwhyche · · Score: 3

    I've had Newegg mess up a few of my orders. Every time they practically tripped all over themselves to make it right. I can complain about a few things from Newegg, but my experience with their customer service isn't one of them.

    --
    I read at +2. If your post doesn't reach that level I will not see or respond to it.