NIS America has announced, via email and social media, that their online stores suffered a serious security breach within the last week, leaking the personal data of multiple new accounts to the hackers responsible.
The publishers have since took the store down to prevent further information from being stolen. But several customers on twitter are claiming that the damage has already been done, and that they have found unexpected purchases popping up on their card bills. The leak is believed to have affected both the "nisamerica" and "snkonlinestore" sites.
NIS Online have stated that any lost information would only be pertaining to new customers who made a purchase, via card, during the period of January 23 to February 26. PayPal customers, or anyone ordering items before that time window, do not appear to have been affected as of yet.
From an email sent out by NIS Online: "After entering their billing, shipping, and payment information, the customer would be temporarily redirected to an offsite web page not owned or operated by NIS America, Inc. This malicious process would record the information provided by the customer during the checkout process, including credit card information, billing address, shipping address, and email address. Afterward, the malicious process would return the customer to the NIS America store page to complete their transaction."
It is recommended that all customers change their passwords immediately and check their card statements for any suspicious activity. NIS Online are currently attempting to recognise the point of entry for the breach. In a line of recompense that, frankly, they perhaps should have left out for now, the company are offering $5 discount vouchers to customers on their next purchase.
via destructoid https://www.destructoid.com/nis-america-s-online-stores-suffer-severe-data-breach-492280.phtml