- Microsoft employees want to cancel a $479 million contract with the U.S. military 5 Months Ago
- Queso recipe gets launched to space Today 10:09 AM
- ‘Isabelle Facts’ was a wholesome queer meme account—until harassers showed up Today 8:28 AM
- 2016 election stories the ‘Newsroom’ reboot will cover Today 6:30 AM
- How to stream Brandon Rios vs. Humberto Soto for free Today 6:00 AM
- ‘The Haunting of Hill House’ heads to ‘Bly Manor’ for next installment Today 5:45 AM
- How to stream James DeGale vs. Chris Eubank Jr. for free Today 5:30 AM
- How to stream UFC Fight Night 145 in Prague for free Today 5:00 AM
- R. Kelly charged in Chicago with multiple counts of sex abuse Friday 7:51 PM
- Elon Musk finally hosts PewDiePie’s meme review Friday 6:27 PM
- Netflix throws ‘Umbrella Academy’-themed wedding for fans Friday 4:54 PM
- Report: Facebook collects app data on users’ body weight, menstrual cycles Friday 3:38 PM
- Amy Klobuchar reportedly ate salad with a comb, and Twitter’s got questions Friday 2:47 PM
- Nobody likes Spotify’s new update Friday 2:34 PM
- Student assaulted on campus while tabling for right-wing group Friday 1:56 PM
If you’ve been jonesing to build a new PC, or just need to upgrade your graphics card, you may want to hold off purchasing anything from Newegg.com for a little while. The PC parts online retailer said on Twitter Wednesday that it discovered one of its servers had been injected with malware, potentially putting customer data at risk.
Yesterday we learned one of our servers had been injected with malware which was identified and removed from our site. We’re conducting extensive research to determine exactly what info was obtained and are sending emails to customers potentially impacted. Please check your email
— Newegg (@Newegg) September 19, 2018
In the same tweet, Newegg said it had removed the malware and is researching to see what information may have been compromised and is “sending emails to customers potentially impacted.”
Newegg, founded in 2001, is one of the globe’s largest online retailers of computer parts, ranking No. 173 on Forbes’ list of the largest private companies in 2017 with 45 million unique visitors per month. According to Forbes, Newegg earned $2.7 billion in revenue the same year.
According to TechCrunch, hackers managed to inject 15 lines of credit card-skimming code onto the retailer’s payment page from Aug. 14 to Sept. 18.
In an email to customers sent out Wednesday, Newegg CEO Danny Lee stated that the company had not yet determined which customers have been affected. He also stated that the company will be releasing a FAQ on Friday to address common customer questions.
“The malware is no longer on our site and we will be doing our best to bring the culprits to justice,” Lee wrote.
A Newegg representative did not immediately respond to a request for comment.
— Yonathan Klijnsma (@ydklijnsma) September 19, 2018
Yonathan Klijnsma, a threat researcher at cybersecurity company RiskIQ, told TechCrunch that the hack looked similar to one carried out by a group known as Magecart against British Airway two weeks ago. Conveniently enough for Magecart, their hack worked on both Newegg’s desktop and mobile storefronts.
“While some Magecart groups still target smaller shops, the subgroup responsible for the attacks against Newegg and British Airways is particularly audacious, performing cunning, highly targeted attacks with skimmers that seamlessly integrate into their targets’ websites,” Klijnsma wrote in a RiskIQ blog.
Joseph Knoop is a gaming writer for Daily Dot, a native Chicagoan, and a slave to all things Overwatch. He co-founded the college geek culture outlet ByteBSU, then interned at Game Informer, and now writes for a bunch websites his parents have never heard of.