Newegg, a US-based company, has been the victim of a violation and has leaked its users' payment methods for one month. The violation was made by the same hackers who violated it British Airways and Ticketmaster earlier on 2018.
Newegg has more than 50 million visitors on its page each month, and the value of the company amounts to 2.65 billion dollars. RiskIQ discovered the breach in collaboration with the Volexity cybersecurity firm, where they said, "We can safely say that the number of casualties is high, even though investigations have just begun."
The hacker they entered 15 code lines on the page where the user had to enter the payment information, and stayed there from 14 August until September 18. The code at the end of the order copied the payment details and sent them to a Newegg-like domain (most likely not to notice it) through HTTPS protocol.
Behind this breach, but also by British Airways and Ticketmaster, is Magecart, according to RiskIQ.
Newegg has already contacted email with all its customers who bought from her site while the malicious code was there. The email states that those who bought it from their platform should watch their bank accounts for strange moves.
Finally, RiskIQ said the mistake was not from Newegg but from Magecart. Hackers performing such attacks do not discriminate against their target. While their two previous targets were in the United Kingdom, Newegg is in the US, and the result will cost a lot.