A video game developer gave customers a $5.00 discount off their next purchase after discovering a data breach that affected two of its online stores.

Nippon Ichi Software, a Japanese developer and publisher of video games, claims in an email sent out to customers that it identified the breach on 26 February. The incident involved the addition of a “malicious process” to the checkout pages of two of its online stores, nisamerica and snkonlinestore. NIS believes the process was active since at least 23 January.

Cloud Native Now

The company explains in its email that the modification allowed attackers to skim unsuspecting customers’ personal information when they completed an order using their credit cards outside of PayPal during the specified time period. As quoted by Nintendo Life:

After entering their billing, shipping, and payment information, the customer would be temporarily redirected to an offsite web page not owned or operated by NIS America, Inc. This malicious process would record the information provided by the customer during the checkout process, including credit card information, billing address, shipping address, and email address. Afterward, the malicious process would return the customer to the NIS America store page to complete their transaction.

Cybersecurity Vulnerability Manager Kevin Beaumont heard that a writable AWS S3 bucket was behind the breach.

At this time, NIS has not confirmed what issue caused the redirects.

In response to the breach, the company temporarily took down its affected online stores and solved whatever was causing the malicious activity. It then announced it (Read more...)