Just a few weeks after the British Airways hack, another hacking story is in the cycle.
Customers who made a purchase on Newegg in the past month may have had their payment card details stolen in a hack.
The electronics retailer says hackers secretly installed malware on a Newegg server.
It is still determining what data the malicious code was seeking to steal, but security researchers say the hackers were after credit card numbers.
The attack occurred between August 14 and September 18, according to security firms RiskIQ and Volexity.
The hackers first compromised the Newegg site and then tampered with the retailer’s checkout process to secretly forward customers to a dummy Newegg website under their control, neweggstats.com.
Any payment data entered in the checkout process was then collected, on desktop and mobile.
Given that the skimming occurred for more than an entire month, it is safe to assume this attack claimed a massive number of victims.
A hacking group dubbed Magecart has been blamed for the hack. This same group is allegedly responsible for the British Airways attack, managing to steal data from at least 380,000 customers.
Newegg claims the malware has been pulled off its site and urges buyers to watch their bank and credit accounts for any unauthorized purchases.
The retailer will publish an FAQ on the incident by Friday.
Investigators say Magecart hackers have targeted thousands of websites across the world, including Ticketmaster, which reported a similar credit card skimming breach in June involving one of its third-party suppliers.
Two other sites, Stein Mart and ShopperApproved, were also recently hit in Magecart attacks, according to a RiskIQ researcher.
Both security firms warn that the credit card skimming schemes from the Magecart hackers will only ramp up.
“With minimal setup or knowledge required, these attacks will surely increase as time goes on,” Volexity said.