Financial Info Leaked in Newegg Data Breach

Discussion in 'HardForum Tech News' started by AlphaAtlas, Sep 19, 2018.

  1. AlphaAtlas

    AlphaAtlas [H]ard|Gawd Staff Member

    Messages:
    1,713
    Joined:
    Mar 3, 2018
    Working together, Volexity and RiskIQ discovered a credit card skimming attack on Newegg's website. The security researchers claim that hackers injected JavaScript code into Newegg's secure checkout page, which would collect form data and send it to "neweggstats.com". That domain was created on August 13th, and started collecting data on August 16th, but the offending JavaScript code wasn't removed until September 18th. The researchers say that the same actors behind the British Airways and Feedify hacks were behind this attack. Needless to say, if you ordered anything on Newegg in August or September, you should call your bank.

    Magecart attacks are surging - RiskIQ's automatic detections of instances of Magecart breaches ping us almost hourly. Meanwhile, we're seeing attackers evolve and improve over time, setting their sights on breaches of large brands. While some Magecart groups still target smaller shops, the subgroup responsible for the attacks against Newegg and British Airways is particularly audacious, performing cunning, highly targeted attacks with skimmers that seamlessly integrate into their targets' websites. The attack on Newegg shows that while third parties have been a problem for websites - as in the case of the Ticketmaster breach - self-hosted scripts help attackers move and evolve, in this case changing the actual payment processing pages to place their skimmer.
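
The skimmer described in the post above sent checkout form data to a brand look-alike domain registered three days before it began collecting. As an added example that is not part of the original thread, this is one way a defender could flag that pattern from checkout-page egress data (proxy logs or CSP reports); the record fields, hosts other than neweggstats.com, and thresholds are assumptions.

```javascript
// Added example: review outbound requests seen from a checkout page.
// Hosts, times and fields are constructed; only neweggstats.com and its
// Aug 13 creation / Aug 16 first-collection dates come from the post.
const DAY_MS = 24 * 60 * 60 * 1000;

// Naive registrable domain (last two labels). Assumption for this sketch;
// production code should consult the Public Suffix List.
function registrableDomain(host) {
  return host.toLowerCase().split(".").slice(-2).join(".");
}

// Report every destination outside the allowlist, adding look-alike naming
// and recent registration as reasons to escalate. Requests are time-ordered.
function auditCheckoutEgress(requests, opts) {
  const findings = new Map();
  for (const req of requests) {
    const domain = registrableDomain(req.destHost);
    if (opts.allowedDomains.has(domain)) continue;
    const seen = findings.get(domain);
    if (seen) { seen.count += 1; continue; }
    const reasons = ["not-allowlisted"];
    if (domain.includes(opts.brand)) reasons.push("brand-lookalike");
    const created = opts.registrations[domain];
    const firstSeenAgeDays = created
      ? Math.floor((Date.parse(req.time) - Date.parse(created)) / DAY_MS)
      : null;
    if (firstSeenAgeDays !== null && firstSeenAgeDays <= opts.maxAgeDays) {
      reasons.push("recently-registered");
    }
    findings.set(domain, { domain, reasons, firstSeenAgeDays, count: 1 });
  }
  return [...findings.values()].sort((a, b) => b.reasons.length - a.reasons.length);
}

const SAMPLE_REQUESTS = [
  { time: "2018-08-16T10:00:00Z", destHost: "www.newegg.com", method: "POST" },
  { time: "2018-08-16T10:00:01Z", destHost: "api.payments.example", method: "POST" },
  { time: "2018-08-16T10:00:01Z", destHost: "neweggstats.com", method: "POST" },
  { time: "2018-08-16T10:00:02Z", destHost: "cdn.metrics.example", method: "GET" },
  { time: "2018-08-20T09:30:00Z", destHost: "neweggstats.com", method: "POST" },
];
const SAMPLE_OPTS = {
  allowedDomains: new Set(["newegg.com", "payments.example"]),
  brand: "newegg",
  maxAgeDays: 30,
  registrations: { // creation dates, e.g. from WHOIS/RDAP lookups
    "neweggstats.com": "2018-08-13T00:00:00Z",
    "metrics.example": "2010-01-01T00:00:00Z" },
};
console.log(auditCheckoutEgress(SAMPLE_REQUESTS, SAMPLE_OPTS));
```
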
     
  2. GoodBoy

    GoodBoy [H]ard|Gawd

    Messages:
    1,601
    Joined:
    Nov 29, 2004
    Ugh.. I bet a bunch of you guys pre-ordered 2080's from Newegg...
     
    LightsOut41, AceGoober and JStamsek like this.
  3. dvsman

    dvsman 2[H]4U

    Messages:
    2,896
    Joined:
    Dec 2, 2009
    Phew! I just checked my order history - September 14th ... 2017! Ever since they changed owners and threw their Connecticut (IIRC) customers under the bus for sales tax, I've been using eBay (web stores for big name vendors) or Amazon or Microcenter.
     
  4. arnemetis

    arnemetis 2[H]4U

    Messages:
    2,735
    Joined:
    Aug 2, 2004
    Damnit, I ordered some parts on August 24. Guess I better get a new card, then wait 4 years for the class action lawsuit to settle with newegg for $1.30 and a year of credit monitoring.
     
    Bigshrimp, Wrecked Em, Maxx and 5 others like this.
  5. toddw

    toddw [H]ard|Gawd

    Messages:
    1,374
    Joined:
    Sep 9, 2004
    I'm sure Mick Mulvaney is on top of it, and by on top of it I mean taking a cut.
     
    Icon_Charlie likes this.
  6. Domingo

    Domingo [H]ard as it Gets

    Messages:
    17,386
    Joined:
    Jul 30, 2004
    Ugh. That would be me.
     
  7. DejaWiz

    DejaWiz Oracle of Unfortunate Truths

    Messages:
    19,299
    Joined:
    Apr 15, 2005
    Crafty bastards.
     
    Icon_Charlie likes this.
  8. Danny Dawg

    Danny Dawg [H]ard|Gawd

    Messages:
    1,703
    Joined:
    Nov 5, 2008
    Damn . . . .placed an order earlier this month for some odds and ends . . . . . not going to take any chances- just cancelled my card. They should never have stopped accepting personal checks and money orders.
     
    Last edited: Sep 19, 2018
  9. ToniCipriani

    ToniCipriani n00b

    Messages:
    21
    Joined:
    Mar 30, 2013
    I did order fairly recently... but it was via eBay and PayPal.
     
    lcpiper likes this.
  10. Poseur

    Poseur Limp Gawd

    Messages:
    352
    Joined:
    Oct 7, 2009
    Why am I reading it here and now, instead of an email from Newegg on the DAY THAT IT WAS DISCOVERED? :mad: Just built a Ryzen system. Bought stuff from all over, including Newegg.
     
  11. Modred189

    Modred189 I'm Smarter Than You

    Messages:
    14,571
    Joined:
    May 24, 2006
    One of these days, people will stop using Magento...

    Because Newegg is bad at PR, has a bad incident response plan, and bad breach counsel.
     
  12. U-238

    U-238 Limp Gawd

    Messages:
    252
    Joined:
    Aug 14, 2008
    Newegg has kinda fallen off a cliff lately. They kinda remind me of the K-Mart stores shortly before they closed. They're there and most everybody knows the name but you walk inside and it's just empty, dead and old looking.
     
    Rahh, LightsOut41, Roberty and 6 others like this.
  13. singe_101

    singe_101 2[H]4U

    Messages:
    2,101
    Joined:
    Dec 17, 2005
    Tomorrow: Kemp hires Newegg CTO for Georgia elections security.

    Or new head of Deep Root Analytics for leaking voter data in all states.
     
    Icon_Charlie likes this.
  14. arnemetis

    arnemetis 2[H]4U

    Messages:
    2,735
    Joined:
    Aug 2, 2004
    Yeah that's a damn good point. An email should have been sent out at the very least. Better would be a banner on the top of every page of newegg mentioning that they were breached, you should contact your banks immediately, click here for more information. Thank god for [H]ard|OCP letting me know I'm about to get bent over.
     
    DrezKill and Icon_Charlie like this.
  15. sirmonkey1985

    sirmonkey1985 [H]ard|DCer of the Month - July 2010

    Messages:
    21,645
    Joined:
    Sep 13, 2008
    thankfully the monitor i almost bought on newegg last month was the same price on amazon..
     
  16. VulnoX

    VulnoX [H]Lite

    Messages:
    105
    Joined:
    Feb 3, 2004
    I spent $8 there on 8/30 for a cable that one of their 3rd party sellers was selling for WAY less than anyone else. This is my reward for being frugal I guess...
     
  17. capt_cope

    capt_cope Gawd

    Messages:
    928
    Joined:
    Apr 12, 2009
    Lately?!

    I gave up on them in 2013...
     
    CompuDrew, Seelenlos and jtm55 like this.
  18. TwiceOver

    TwiceOver 2[H]4U

    Messages:
    2,405
    Joined:
    Jan 14, 2003
    Yes. All 3 of you that still use Newegg should check your statements. :D
     
    DrezKill likes this.
  19. drescherjm

    drescherjm [H]ardForum Junkie

    Messages:
    14,568
    Joined:
    Nov 19, 2008
    Hmm, my last order was from 2017 so I am good.
     
  20. iamjanco

    iamjanco Limp Gawd

    Messages:
    441
    Joined:
    Jul 8, 2016
    Haven't bought anything from Newegg in a while, but it sure was smart given the date the Nvidia "the more you buy, the more you save" preorders began.
     
  21. Dead Parrot

    Dead Parrot 2[H]4U

    Messages:
    2,592
    Joined:
    Mar 4, 2013
    Another demonstration of the stupidity of the current e-commerce design. The only folks that should be involved in an online CC transaction should be the CC holder, the CC issuer or designated agent and the vendor. But most e-commerce sites require multiple 3rd party scripts to run and require data to go to multiple 3rd party sites for the transaction to complete. Makes it almost impossible for the CC holder/customer to know when the site has been hacked. Imagine if every CC transaction at Walmart required you to hand your card over to 5 or 6 strangers before it was inserted into the POS gizmo and then another 2 or 3 before it made it back to your wallet.

    I think the last things I bought from Newegg were for my several year old i7-3770 system.
     
    LightsOut41 and ZyzzyxSilver like this.
  22. Bowman15

    Bowman15 [H]ard|Gawd

    Messages:
    1,250
    Joined:
    Apr 7, 2015
    Pheewww.....last order was in July.

    THANKS FOR LETTING US KNOW NEWEGG. :shifty:
     
    Last edited: Sep 19, 2018
    Bigshrimp and DrezKill like this.
  23. prne10

    prne10 Limp Gawd

    Messages:
    217
    Joined:
    Oct 26, 2005
    last purchase - August 16th, 2018. FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
     
  24. n3ckcutta

    n3ckcutta Limp Gawd

    Messages:
    223
    Joined:
    Nov 5, 2009
    Bought a motherboard on the 16th... I did everything through PayPal though. Will be contacting my bank next.
     
  25. Crackinjahcs

    Crackinjahcs Limp Gawd

    Messages:
    148
    Joined:
    Jan 31, 2018
    At the rate these attacks are successful credit card companies will need to start issuing new cards every month just to try and stay ahead of it... which will itself widen another angle of attack.
     
  26. GoodBoy

    GoodBoy [H]ard|Gawd

    Messages:
    1,601
    Joined:
    Nov 29, 2004
    I gave up on them after ordering 5 Raid Edition (i.e. expensive, over $1k order) hard drives from them only to receive them with basically no packing materials.. drives laying right in a cardboard box... oem drives, so not like they were at least in retail packaging...

    Fuck that shit.

    Amazon is far superior.
     
    PaulP likes this.
  27. Raalle

    Raalle [H]Lite

    Messages:
    64
    Joined:
    Jan 14, 2004
    Ha! Me too--August 16. <sigh> I've just come from the bank --cancelled old card immediately.
     
  28. staknhalo

    staknhalo [H]ard|Gawd

    Messages:
    1,239
    Joined:
    Jun 11, 2007
    WHEW!

    7/26 was my last order there for 4x 12TB HDDs. Close call!
     
  29. scojer

    scojer [H]ardness Supreme

    Messages:
    4,125
    Joined:
    Jun 13, 2009
    Gotta call my dad, he ordered a monitor on 8/18.
     
  30. readeh

    readeh Limp Gawd

    Messages:
    288
    Joined:
    Apr 1, 2013
    Well.. I guess that's my punishment for avoiding tax on my 2080ti pre-order instead of buying on Amazon.. Fuck.
     
    DrezKill and prne10 like this.
  31. Fifth Horseman

    Fifth Horseman Limp Gawd

    Messages:
    455
    Joined:
    May 5, 2000
    Last order I made through them was on July 31st. Juuuuuust under the wire. :D
     
  32. Cactusj

    Cactusj n00b

    Messages:
    46
    Joined:
    Jun 4, 2018
    Order date: 9/8/2018... At least the purchase was with my credit card and not a bank card.
     
  33. sboucher

    sboucher Gawd

    Messages:
    549
    Joined:
    Oct 7, 2004
    Just built myself a new system and got a few things from Newegg myself. Not gonna sweat it. I'll just keep an eye on my statement. Anything funny shows up, and a simple call to the credit card company will clear it up.
     
  34. AceGoober

    AceGoober Live! Laug[H]! Overclock!

    Messages:
    22,010
    Joined:
    Jun 25, 2003
    Crap...gotta inform a bunch of people of this. Thanks for the heads-up.
     
  35. wiploc

    wiploc Limp Gawd

    Messages:
    176
    Joined:
    Jan 28, 2005
    Just got an email:


    Yesterday, we learned one of our servers had been injected with malware which may have allowed some of your information to be acquired or accessed by a third party. The malware was quite sophisticated and we are conducting extensive research to determine exactly what information may have been acquired or accessed and how many customers may have been impacted. We will keep you up to date with our progress and work to ensure this doesn't happen again. The malware is no longer on our site and we will be doing our best to bring the culprits to justice.

    We have not yet determined which customer accounts may have been affected, but out of an abundance of caution we are alerting those accounts at risk as soon as possible so that they can keep an eye on their accounts for any suspicious activity. We hope by alerting you quickly to help prevent any misuse of information that may have been acquired or accessed.

    By Friday, we will publish an FAQ that will answer common questions we get; we will send you a link as soon as it goes live. We will also publish the link on our social media platforms. We want to make sure you are completely informed.

    We are very sorry circumstances have warranted this message. We are working diligently to address this issue and will provide additional information to you shortly.

    Sincerely,
    Danny Lee, CEO Newegg


    So annoying. Luckily as with others it was a credit card and not a bank card, however I also use that card for some auto-pay stuff so that's always a pain in the butt to switch.
     
  36. modi123

    modi123 [H]ardness Supreme

    Messages:
    5,545
    Joined:
    Sep 6, 2006
    Ugh.. fifteen lines of jQuery to an AJAX call and this happens? Ugly.. ugly..UGLY!
     
    clockdogg likes this.
  37. mkrohn

    mkrohn 2[H]4U

    Messages:
    2,330
    Joined:
    Apr 30, 2012
    RMAs with them used to be great. My last one instead of replacing the product I bought on sale they refunded me hoping I'd buy something much more expensive. Hopefully finding something to buy from a person here instead.
     
  38. Azphira

    Azphira [H]ard|Gawd

    Messages:
    1,822
    Joined:
    Aug 18, 2003
    Don't forget to pay your use tax!
     
    /dev/null likes this.
  39. Zarathustra[H]

    Zarathustra[H] Official Forum Curmudgeon

    Messages:
    28,897
    Joined:
    Oct 29, 2000
    Hmm. I did order from Newegg during this period, but I used PayPal. I'm guessing PayPal is not affected as it needs authentication every time, but who knows...
     
  40. Zarathustra[H]

    Zarathustra[H] Official Forum Curmudgeon

    Messages:
    28,897
    Joined:
    Oct 29, 2000
    I'd consider 2013 to be recent.

    I blinked my eyes and was suddenly transported from 2008 to 2018, so 2013 falls within the realm of "lately" to me :p

    I mean, I still talk about how I don't like this new music, like the Spice Girls and Britney Spears. :p