GameStop are reportedly investigating claims that hackers may have breached their website and accessed credit card information, and a spokesman told KrebsOnSecurity that they are working to address the claims as quickly as possible.
"GameStop recently received notification from a third party that it believed payment card data from cards used on the GameStop.com website was being offered for sale on a website," they said. "That day a leading security firm was engaged to investigate these claims. Gamestop has and will continue to work non-stop to address this report and take appropriate measures to eradicate any issue that may be identified."
Other sources allegedly claimed that they had also received alerts from a credit card processor that the website was affected by intruders both in September last year and February this year, also claiming that the compromised data includes card numbers, expiration dates, names, addresses, and card verification value. GameStop apparently wouldn't comment on the time frame of the breach.
"We regret any concern this situation may cause for our customers," GameStop said in a statement. "GameStop would like to remind its customers that it is always advisable to monitor payment card account statements for unauthorised charges. If you identify such a charge, report it immediately to the bank that issued the card because payment card network rules generally state that cardholders are not responsible for unauthorised charges that are timely reported."
How can companies protect against breaches?