Skip to main content

GameStop investigating security breach

Retailer looking into claims of stolen customer credit card data

Those who make a habit of shopping through GameStop's online storefront may want to keep a close eye on their credit card activity, as the specialty retailer is investigating whether hackers stole customers' credit card information over a period of months.

KrebsOnSecurity today reported the news, saying two sources had informed it that a credit card processor had determined GameStop.com security was likely compromised between September 2016 and February 2017.

"GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website," a GameStop spokesperson told the site. "That day a leading security firm was engaged to investigate these claims. GameStop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified."

The site's sources believed the stolen information included names, addresses, and all key credit card information, including the CVV2 numbers printed on the backs of users' cards. Those numbers aren't supposed to be saved by online merchants, KrebsOnSecurity noted, but could be stolen by hackers who managed to insert their software into a company's site.

Read this next

Brendan Sinclair avatar
Brendan Sinclair: Brendan joined GamesIndustry.biz in 2012. Based in Toronto, Ontario, he was previously senior news editor at GameSpot.
Related topics