Hacked: Newegg suffers month-long card-skimming attack, exposing credit card details
Just 15 lines of code was all it took for hackers to hijack the checkout of online retailer Newegg. The month-long attack took the form of a huge card skimming operation and is believed to have been carried out by the same group that was responsible for hacking both British Airways and Ticketmaster recently -- Magecart.
The hackers inserted card-skimming code into Newegg's payment page, and this script remained in place between August 14 and September 18. It is not known how many people may have been affected by the incident, but with millions of visitors each month, the numbers are potentially huge.
Details of the attack were revealed by security firms Volexity and RiskIQ, who noted that it was nearly identical to the British Airways compromise. RiskIQ says: "The elements of the British Airways attacks were all present in the attack on Newegg: they integrated with the victim’s payment system and blended with the infrastructure, staying there as long as possible".
The attack was quite sophisticated, and details are still emerging. However, it seems that the Magecart hackers were able to inject code into secure.newegg.com which would then collect data and send it off to a separate domain owned and operated by the hackers.
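For site owners, one check that follows from this pattern is to audit which hosts a payment page's scripts load from or mention, and flag any that are not expected. The sketch below is an added example, not code from Newegg, Volexity or RiskIQ; the page content, the host names and the allowlist are constructed placeholders.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample of a checkout page; every host here is a placeholder.
SAMPLE_PAGE = """
<html><body>
<form id="checkout"><input name="cardnumber"></form>
<script src="https://static.shop.example/js/checkout.js"></script>
<script>
/* constructed stand-in for an injected script: only the endpoint matters here */
var endpoint = "https://stats-shop.example/collect";
</script>
</body></html>
"""

URL_RE = re.compile(r"""https?://[^\s"'<>)]+""")

class ScriptAudit(HTMLParser):
    """Collect every host that a page's scripts load from or mention."""
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.hosts = []  # (host, where) pairs in document order

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            src = dict(attrs).get("src")
            if src:
                self.hosts.append((urlparse(src).hostname, "script src"))

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        # Inline script bodies arrive here; pull out any absolute URLs.
        if self.in_script:
            for url in URL_RE.findall(data):
                self.hosts.append((urlparse(url).hostname, "inline script"))

def unexpected_hosts(html, allowed):
    """Return (host, where) pairs whose host is not on the allowlist."""
    audit = ScriptAudit()
    audit.feed(html)
    return [(h, w) for h, w in audit.hosts if h and h not in allowed]

if __name__ == "__main__":
    for host, where in unexpected_hosts(SAMPLE_PAGE, {"static.shop.example"}):
        print(f"unexpected host {host} referenced in {where}")
```

A string scan like this only catches endpoints written in plain text, so it complements rather than replaces a Content-Security-Policy that restricts where the page may send data.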
That the compromise went undetected greatly increases the number of potential victims, but Newegg has not yet released any information about the number of customers that may have been affected. An investigation is underway at the moment, and the company says that it will release more details in a FAQ by Friday.