If you made a credit card purchase through GameStops’s website between mid-September 2016 and the first week of February 2017, you might want to keep an eye out for any fraudulent purchases.
According to KrebsOnSecurity, two sources in the financial industry informed the site of alerts received from a credit card processor.
The sources told the site GameStop’s website was likely compromised during the aforementioned time period. The breach is said to likely include card numbers, the expiration date, and the 3-digit security code on the back.
Other information such as customer names and addresses are also said to have potentially been mined.
After contacting GameStop regarding the breach, the retailer told KrebsOnSecurity it was investigating the possible breach.
“GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop website was being offered for sale on a website,” a representative stated. “That day, a leading security firm was engaged to investigate these claims.
“Gamestop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified. We regret any concern this situation may cause for our customers.”
The company declined to provide more details, only stating that customers should keep track of purchases and notify their banks if they find an unauthorized purchase.
If you head over KrebsOnSecurity, you will find more detailed information.