Another day, another data breach. This time, it’s GameStop, the video game retail giant, that has reportedly been compromised.
According to a report from KrebsOnSecurity, customers who shopped at GameStop.com between mid-September and early-February might have had their credit card details stolen. Gamestop has confirmed to KrebsOnSecurity that some credit card details were already being sold on nefarious websites.
To make matters worse, the CVV2 information (the three digit code on the back of each card) was also compromised. Typically, these numbers act as a last line of defense against online credit card thieves and are not typically allowed to be stored or saved by retailers. It’s possible that these hackers accessed the information by "placing malicious software on the company’s e-commerce site.”
“We regret any concern this situation may cause for our customers,” Gamestop wrote in a statement. “GameStop would like to remind its customers that it is always advisable to monitor payment card account statements for unauthorized charges. If you identify such a charge, report it immediately to the bank that issued the card because payment card network rules generally state that cardholders are not responsible for unauthorized charges that are timely reported.”
Unfortunately, these data breaches have become a way of life. Until companies begin taking the financial well-being of their customers a little more seriously, expect additional high profile credit card leaks in the near future.