Online retailer Newegg on Wednesday confirmed that credit card information from customers had been stolen using a sophisticated attack.
“Yesterday we learned one of our servers had been injected with malware which was identified and removed from our site,” the company said in a statement on Twitter. “We’re conducting extensive research to determine exactly what info was obtained and are sending emails to customers potentially impacted. Please check your email.”
This makes Newegg the latest company to get hit by black hat hacker groups collectively called Magecart. Security researchers at RiskIQ said the attack worked by injecting malicious JavaScript onto Newegg’s page to skim credit card information and sent it it to a domain registered as Neweggstats.com. RiskIQ said a very similar “Magecart assault” was also used against British Airways and Ticketmaster earlier this year.
Powered by WPeMatico