RiskIQ and Volexity, two security firms, reported the Newegg breach which appears to be just the latest in a line of hacked high-profile websites. According to the report the attack seems to be similar to the recent British Airways one and even may have started a week earlier.
The code itself was added quietly on August 16th, sometime between 15:45 and 20:20 UTC. It’s was present on the payment information page and basically bound to the checkout button. That made sure that everyone buying something and clicking on said button would basically submit their data not only to Newegg but also to a destination specified by the cybercriminals. Even worse, the script worked not only for desktop PCs but also smartphones and tablets.
As of now there is no information available on how many customers have been affected. Considering the size of the company and the fact that the page has more than 50 million visitors a month, it is most likely quite high.
Here’s a great tip if you’re worried about the above and want to protect yourself: Avira Identity Scanner, a new solution from Avira, warns you if your identity is being misused. To tell you, Avira Identity Scanner scours the visible and invisible internet (Dark Web) specifically looking for your information – including your credit card and account details. If any of your data is being misused, it gives you a warning and tips on what steps you can take to counter data misuse.