Credit Card And Customer Data May Have Been Compromised In GameStop Hack

With database breaches on the rise, security threats are of chief concern among corporations around the world. Although it's been a few months since the last major intrusion, that streak might soon change.

KrebsOnSecurity reports that GameStop is currently investigating what could be a significant database breach. The event has reportedly compromised credit card and customer information derived from online orders.

Concern was raised when a mass quantity of credit cards were listed for sale on a black market site, which include credit card numbers, credit card holder names, and more.

The most concerning piece of information is suspicion that CVV2 codes were included in the database siphon. Considered the last line of defense against credit card theft, merchant storage of CVV2 is illegal in the U.S. and parts of Europe as enforced by PCI DSS. However, KrebsOnSecurity notes that it is possible for malicious code to obtain CVV2 codes during the hacking process in cases where such codes aren't intentionally stored.

An intrusion of similar variety affected Sony in 2011. It has been reported that said hack cost the company $35 billion dollars, not to mention its affect on mind share among consumers who lost confidence in its handling of credit card information.

It was recently reported that GameStop is closing more than 100 stores worldwide in response to failing to meet its fiscal year objectives. The company is currently in a tough spot with the rise of digital game sales, and could face serious challenges ahead if a database breach did in-fact occur.