The popular electronics website, Newegg, has discovered a breach where credit card data was skimmed by utilizing a script called “MageCart”. This script was also used in an attack against British Airlines and Feedify recently. According to a report released by Veloxity, it was determined that the card skimming code was injected into Newegg’s site while the user checked out their shopping card and entered their payment information.
A website called “neweggstats.com” was created by the attackers and when users purchased an item from Newegg the script would convert the payment data into a JSON and upload it to https[:]//neweggstats[.]com/GlobalData while the user was unaware. Once uploaded there, the attackers could use the data for themselves or resell it if desired.
The Newegg attack lasted from August 14 through September 18. At this time, it is unknown how many users are affected by this attack, but there are at least 380,000 individuals who were affected by the British Airways attack.
The CEO of Newegg, Danny Lee stated they have not determined which customer accounts may have been affected yet in an e-mail sent to customers.
Anyone who entered their credit card information into Newegg between August 14th through September 18th should closely monitor their accounts and communicate with their banks regarding the incident.