Even though Newegg is one of the most popular destinations for enthusiasts looking to score the latest and greatest hardware for the gaming rigs, the retail giant is not immune to the nefarious actions of the hacker community. To that end, Newegg's website was hacked, and the parties responsible were able to inject 15 lines of credit card skimming code into the retailer's payments page. That code hid there, undetected, from August 14 through September 18 meaning if you made a purchase there between those dates, you need to be concerned.





News of the attack comes from Yonathan Klijnsma, a threat researcher from RiskIQ. The injected code was able to steal credit card data from customers and sent that data to a server that was controlled by the hackers using a similar domain name. An HTTPS certificate was used with the nefarious server so that shoppers would be none the wiser.

The nefarious injected code worked on both the desktop and mobile versions of the Newegg website, but it's not clear now if mobile transactions were affected. Newegg removed the code yesterday after being contacted by a company called Volexity , the incident response firm that discovered the malicious code. It's easy to think of Newegg as a smaller online retailer, but it is massive, and this hack has significant reach. Newegg did $2.65 billion in revenue in 2016 and had more than 45 million monthly unique visitors.