4.11.2017

GameStop Investigating Data Breach

Pre-Owned Credit Cards For Sale


Used video game retailer GameStop is investigating a data breach compromising credit cards used on gamestop.com from September 2016 to February 2017. On Friday, GameStop confirmed the breach to security expert Brian Krebs, whose financial sources stated that card numbers, expiration dates, cardholder addresses, and even CVV2 numbers have been stolen. 

CVV2 numbers are the three digits on the back of a credit card and are not supposed to be stored by online retailers. This is because they are used to prevent a card number and expiration date from being used or duplicated if stolen. Since the CVV2s are difficult to get without the physical card, it is likely that malware infected the website.

GameStop hired a security firm to investigate on the same day it was notified. Right now, no further information has been disclosed, but they did acknowledge that the information may already be for sale online. So far, it seems that their retail stores are not affected.

“Those affected should keep an eye on their credit card statements, remove the card from their GameStop account, change their password, and consider having their card reissued.”

For now, important information such as the number of people or how the breach happened are still under investigation. GameStop has had some trouble staying profitable recently. Their controversial circle of life program, poor holiday sales and pending close of more than 100 stores are worrying investors. Those affected should keep an eye on their credit card statements, remove the card from their GameStop account, change their password, and consider having their card reissued.