Why it matters: Newegg is the latest online retailer to be targeted by Magecart, the data hacking group that also struck British Airways and Ticketmaster. Odds are, it probably won’t be the last, either.
Computer hardware and electronics retailer Newegg has fallen victim to a data theft campaign that was nearly identical to the one recently used to swipe personal and financial data from British Airways customers.
Newegg removed the offending code on September 18. The Magecart group is reportedly behind the attack according to Volexity and RiskIQ.
It’s unclear exactly how many victims were hit although considering Newegg generated $2.65 billion in revenue in 2016 and has more than 50 million visitors a month, the figure is probably pretty large.
The code used in the Newegg attack is functionally very similar to what was used against British Airways albeit more streamlined. Whereas the British Airways attack utilized 22 lines of code, the Newegg attack was carried out using just eight lines of code (or 15 if the code was “beautified”).
Anyone that shopped at Newegg over the past month is encouraged to contact their bank immediately for a replacement card.