GameStop Website May Have Been Compromised; Credit Card Details Stolen

If you’ve bought anything online from Gamestop, then you might want to put down whatever’s splitting your attention and look over here, because your credit card information may have been compromised.

A report filed by Kerbsonsecurity informed the public the other day that both customer data and credit card info may have been compromised in an attack against Gamestop’s online servers. Upon being contacted about the possibility of a breach, GameStop released the following statements:

"GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website. That day a leading security firm was engaged to investigate these claims. Gamestop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified."

Two sources within the financial industry were reported by Kerbs to have told they have received alerts from a credit card processor, which was the foundation of the claim. This compromise supposedly took place between mid-September 2016 and the first week of February 17th, which is a massive span of time: so if you did business with them in that time, be aware that it’s not unlikely that the following things were compromised:

Customer card number
Expiration date
Name
Address
CVV2 number

Gamestop recommends that you keep a close eye on your credit card payments and report any unauthorized payments: the sooner you report, the more likely you are to get your money back and be able to get a new card. That’s also the suggestion I’d give you if you don’t want to take the immediate step of simply replacing your card. That is quite the hassle over a hunch.

Regardless, the leak hasn’t been confirmed quite yet, so it’s not impossible this is just hot air. But better safe than sorry.