A hacker reportedly skimmed credit card numbers, security codes, and addresses from the NIS America checkout process, according to the company.
If you recently went shopping on NIS America’s online store, you may want to double check your latest credit card statement. The company sent an email to users this week informing shoppers that their credit card information may have been stolen in a hack.
According to the email, which was obtained by Nintendo Life, a “malicious process” was found on NIS America’s online store checkout page on Feb. 26. An unauthorized presence reportedly added a redirect to an external web page that grabbed users’ payment information, including credit card numbers, CVV security codes, expiration dates, shoppers’ names, their addresses, and their emails.
While orders were then successfully processed by NIS America afterward, this meant an unauthorized presence was skimming data from unsuspecting shoppers in between placing their order and successfully sending it over to NIS America. The breach reportedly began on Jan. 23 and lasted until Feb. 26, impacting the site for an entire month. NIS America has since plugged the data breach’s entry point and improved the store’s security features.
“Once we became aware of this issue, we immediately took our store pages offline to prevent any further breaches,” NIS America explained, according to Nintendo Life. “After taking our store pages offline, we scanned all our processes to determine the exact point of entry, as well as determine when this change occurred on our online stores. We have taken steps to solve the issue that resulted in this breach, along with several other steps to improve our site’s security.”
If you recently shopped at NIS America, there are a few details to keep in mind before canceling your credit card. For one, the unauthorized website only skimmed data from the checkout process itself. PayPal accounts were not affected, Social Security numbers weren’t grabbed, and any cards typed into the NIS America checkout page before Jan. 23 were not stolen.
The problem was also resolved by Feb. 26, meaning if you only bought something from NIS America in the following days, you should be okay. Also, as of this time, only NIS’ North American online store was affected, not its other regions.
In an attempt to earn shoppers’ “trust and confidence” after the breach, NIS America is sending shoppers a $5 discount within the coming days.
