On September 18, Newegg discovered a month-long security breach that exposed users' credit card information. The malicious code injected into Newegg's final checkout page was active from August 14 to September 18, affecting both mobile and desktop users. It's currently unknown which accounts were affected, but in an email to customers who made purchases during this time period, Newegg advised users to keep an eye on their accounts for any suspicious activity. Newegg plans to post a FAQ on September 21 that will answer common questions about the breach; the link to the FAQ will be published on Newegg's social media platforms.

Although the scope of the breach is currently unknown, it appears to be the work of hacking group Magecart, which is also responsible for recent data breaches at Ticketmaster UK and British Airways, according to threat management firm RiskIQ. For more information about the security breach, click here.