GameStop is currently investigating reports of data breaching, which includes credit card data and personal customer data after being informed by a security firm. These breaches were caused by hackers that maliciously install software that sends the CVV2 data before its encrypted and processed.

If you made any purchases on GameStop.com between September 2016 and February 2017 there is a chance your information is compromised. Check your banking statements from September to now and look for any odd charges that may have occurred. For good measure I would cancel and get it replaced if possible too.


Source 1

Source 2

 

[Alkéryn]

Even that is too much.

Well this is the minimal you can do to allow online transaction

 

[hobbledehoy899]

Well this is the minimal you can do to allow online transaction

Input your number manually each time.

 

[the_randomizer]

Good thing I haven't bought anything from them in nearly a year Sucks but isn't surprising.

 

[WiiUBricker]

No wonder Switches were sold out. Hackers were purchasing them for themselves.

 

[Alkéryn]

Input your number manually each time.

Not way safer, MITM attack is still possible
Better using paypal

 

[RemixDeluxe]

Input your number manually each time.

The information is compromised from the moment the information is processed. Whether you save your card data or not makes no difference.

 

[Alkéryn]

The information is compromised from the moment the information is processed. Whether you save your card data or not makes no difference.

Exactly

 

[hobbledehoy899]

The information is compromised from the moment the information is processed. Whether you save your card data or not makes no difference.

Eh, it's still something.

 

[RemixDeluxe]

Eh, it's still something.

The only concern with saving card info is if you share your account, having an easy password, or installed a keylogger. But that isn't the case with what happened here.

It should go without saying to keep your passwords not the same across multiple accounts especially email. If one site gets breached of account login info then that's only one place to worry about rather than dozens.

 

[Ev1l0rd]

I don't even have GameStop in my country lol.

Here we have Intertoys (mostly physical toys, but their games section is alright), Bart Smit (solely games and physical toys, no gaming merch aside from amiibo and skylander toys) and Game Mania (used games and merchandise). Unless you order online, then bol.com is the king.

 

[leon315]

well, i heard GS finance went RED last fiscal year, sounds like a piss of internal conspiracy.

 

[naddel81]

good thing that I used PayPal on that moronic site!

 

[death360]

Good thing I don't buy shit from them.

 

[Windaga]

Yikes. The only thing I bought from them during that time period was actually purchased with a prepaid Gift card, so I'm good but still, that really sucks.

 

[Lumince]

Ouch... That could have explained why I had to get a new card then... Money just poofed out of no where... Dirty peasants... Not shopping at gamestop anymore...

 

[chartube12]

That wasn't their doing. Hackers installed software which sent over the data before it was encrypted and processed for purchasing. I'm wondering why this wasn't discovered sooner if this has been going since September.

It only took target and best buy having cc info stored in plan text and getting hacked for the us to use chipped cards. Meanwhile EU has had them for decade at least!

Btw US government. You may have made it mandatory for every non-store card to be chipped and have a chip reader, but you left a loop hole wide open. The bill doesn't require the chip readers to actually be turned on. Wawa for example has the readers, but doesn't have them enabled. I was talking with one of their managers, their chip readers probably will never be turned on. The wawa corporation believes the chip readers will slow down purchases too much for them and they will lose business. Don't use the chip and your transaction isn't encrypted on the cards end. I hope wawa is at least encrypting them on thier end.

For those who don't know. The chips on the credit/debit cards generates a random card number each time the chip is used. that number is linked to your real card number. Further more the randomly generated number and the transaction are also encrypted. The random number expires for use in 24 to 48 hours.

Not sure why online transaction systems are not mandatory encrypted in a simular matter, other then laziness and cheapness. Visa and MasterCard are right, their is no reason in today's technological world, why stores need to know, see and use your real card number(s).

 

[xile6]

This is why i hate online purchases, i only ever buy from the local store, never online. Only time i buy online is if i can't reach local. Still i never store my credit card info. Not on psn, not on eshop, not on steam, not on anything!

Don't ever store your card info, even if you want easy transactions, just don't please!

Never heard of target?

They have everyone card information stolen at the swiper. Was something that all data got sent somewhere else before it went to there bank

 

[Pacheko17]

Lol I can't even buy from them

 

[chartube12]

Never heard of target?

They have everyone card information stolen at the swiper. Was something that all data got sent somewhere else before it went to there bank

The data waa also stored in plan text files in both the servers and instore PCs. Effectively, target was completely neglectful

 

[xile6]

The data waa also stored in plan text files in both the servers and instore PCs. Effectively, target was completely neglectful

Yea reason i never shop there. Its always something wrong. From items being mislabled to infor beong stolen. Etc...