Earlier today, the Video game giant GameStop confirmed that their official website was compromised and hackers might have been able to steal user’s credentials including credit cards information and other customer data.
According to GameStop, an investigation is already underway aiming at what went wrong.
“GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website. That day a leading security firm was engaged to investigate these claims. GameStop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified.”
It must be noted that the breach was originally identified by Brian Krebs. The billion dollar company has over 7000 retail stores worldwide and over million customers which mean that the hackers could make millions of dollars just by selling the customers information on the DarkWeb marketplaces.
GameStop has also apologized to customers and is advising their customers to find any suspicious activity in their bank statements.
“We regret any concern this situation may cause for our customers. GameStop would like to remind its customers that it is always advisable to monitor payment card account statements for unauthorized charges. If you identify such a charge, report it immediately to the bank that issued the card because payment card network rules generally state that cardholders are not responsible for unauthorized charges that are timely reported.”
Vishal Gupta, CEO of Seclore commented on the breach and explained that: “If Brian Krebs’ report is correct, the GameStop breach has the potential to be a huge payday for hackers. Compromised credit card numbers aren’t always easy to monetize, but in this case, hackers were able to intercept CVV2 numbers, which allow them to begin making fraudulent purchases immediately. There is a reason companies aren’t allowed to store this CVV2 data in their own databases, so the fact that the hackers were able to intercept these security codes elevates the severity of the incident significantly. My advice to GameStop customers is to scrutinize your purchase history for fraudulent activity and cancel your card if you suspect it may have been compromised. As with most things, and especially with cyber security, an ounce of prevention is far better than a pound of cure.”
If you have an account on GameStop change its password now and contact your bank to keep an eye and block any fraudulent transaction.
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.