Tweet
GameStop is currently looking into reports that hackers have gained access to customer credit card information and customer data from gamestop.com. The company has issued a statement on this investigation to KrebsOnSecurity.
The data is said to have been stolen during a period between September 2017 and early February 2017. The data that was stolen is said to include customer card numbers, expiration data, name, address, and the CVV2 security numbers on the backs of credit cards.
Typically, CVV2 numbers are not stored by any commerce website. However, if the site was injected with malicious code or malicious software, it is possible that the data was recorded prior to being encoded during payment.
“GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website,” a company spokesman wrote in response to questions from this author.
“That day a leading security firm was engaged to investigate these claims. Gamestop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified,” the company’s statement continued.
“That day a leading security firm was engaged to investigate these claims. Gamestop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified,” the company’s statement continued.
The data is said to have been stolen during a period between September 2017 and early February 2017. The data that was stolen is said to include customer card numbers, expiration data, name, address, and the CVV2 security numbers on the backs of credit cards.
Typically, CVV2 numbers are not stored by any commerce website. However, if the site was injected with malicious code or malicious software, it is possible that the data was recorded prior to being encoded during payment.