6-month GameStop card data breach confirmed by company

A data security breach affecting credit and debit cards used by online customers of a national video game retailer is another reminder of the need for an effective and secure approach to such payments. Card processing software that is vulnerable to outside intrusions doesn't just cause financial problems for businesses, it can lead to issues with trust and reputation as well – impacting future interactions with customers.

Video game retail chain GameStop recently confirmed an extended intrusion into its servers, where cybercriminals illegally captured payment details from customers. While there are no figures available related to the total number of shoppers affected, the length of the breach before it was recognized and secured is notable. Engadget said customers were vulnerable between Aug. 10, 2016, and Feb. 9, 2017.

Payment information accessed before, during and after holiday season

"The breach went on for six months before it was discovered."

Security analyst Brian Krebs initially reported on the breach and received early confirmation of an investigation into the matter in April. Krebs said the issue occurred online, where shoppers who entered their payment information were possibly at risk of having a host of credit and debit card data taken into the hands of criminals. Specifically, the hackers had access to the card number, the CVV2 security code present on the back of each card, the name and address of the cardholder, and the expiration date.

With that much information in hand, it's a simple affair for criminals to use such data to complete a wide variety of card-not-present transactions on the internet or by telephone.

"GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website," said a company spokesperson said in response to Krebs. "That day a leading security firm was engaged to investigate these claims. GameStop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified."

Businesses large and small need effective and secure solutions for processing the payments made every single day by customers. A lack of focus on the safety of payment data can lead to significant issues, up to and including a breach. Cloud 9 offers a platform that isn't just affordable and easily implemented, it's secure as well. Visit our website and reach out to us to learn more about secure and effective payment processing.

Leave a Reply

Scroll to Top