GameStop reveals massive security breach, credit cards data at risk

Gamestop, the world’s largest gaming retailer, has allegedly been hacked, putting the credit card and user details of hundreds of thousands of customers at risk.

If your debit/credit card information is saved on its website, we suggest you remove them immediately and check with your bank to confirm no breach has occurred.

The hack, according to Krebs on Security, took place between September 2016 and February 2017.

GameStop recently received notification from a third-party that it believed payment card data from cards used on the website was being offered for sale on a website,” GameStop told Krebs on Security. “That day a leading security firm was engaged to investigate these claims. GameStop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified.

Most hacks only compromise credit card details but leave the all important CVV2 security code left untouched. That’s the three digit code at the back of your credit card.

This gives you ample time to solve the issue as banks are usually notified if someone is trying out different combinations in quick succession, and they will temporarily block the card. However, you’re out of luck with the Gamestop breach.

Compromised credit card numbers aren’t always easy to monetize, but in this case hackers were able to intercept CVV2 numbers, which allow them to begin making fraudulent purchases immediately,” Enterprise Digital Rights Management (EDRM) company Seclore‘s chief executive officer told GamesBeat in an email. “There is a reason companies aren’t allowed to store this CVV2 data in their own databases, so the fact that the hackers were able to intercept these security codes elevates the severity of the incident significantly. My advice to GameStop customers is to scrutinize your purchase history for fraudulent activity and cancel your card if you suspect it may have been compromised. As with most things, and especially with cybersecurity, an ounce of prevention is far better than a pound of cure.

Things are turning out from bad to worse for the gaming retailer. It was only last month that it was revealed Gamestop is shutting down more than 100 stores, and this potential breach might go a long way in making things worse for them.