• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Gamestop.com Investigating Possible Breach

I haven't bought anything since 2015. The article makes it sound like the hackers were probably harvesting data at the time of the transaction, hence the CVV2 codes.
 
I last bought something from them in October but I got a new card after the Arby's hack and hadn't updated my card on the site since then, so I should be okay.
 

Tek

Member
I used paypal for my Nintendo Switch....hmmm I do have 2 step active on my paypal account though
 

FX-GMC

Member
I last bought something from them in October but I got a new card after the Arby's hack and hadn't updated my card on the site since then, so I should be okay.

I had to get a new card near the end of last year from a Wendy's hack. These people need to find better things to do with their time
like rot in jail
 

Kawngi

Member
Ugh, I never shop at GameStop online or retail, but I bought an NES classic from their site as it was the only place I could snag it at the time. Fuckkkkk.
 
Did you have to buy something during that window or were they able to steal any data stored on the site? I haven't bought anything from them in a while but I saw 2 currently active cards on my account.
 

LOLCats

Banned
I was never actually able to buy anything from gamestop.com using my debit or cc due to some address mismatch issue.... never have the problem anywhere else so i had to use paypal a couple times in 2015.

blessing in disguise!
 
Wait! its just for that time period? Because I've only bought twice from them. Back in Jan 2015(Majors Mask), and recently, March 21.

Is your card still on file with them? You can go to Account Details -> Payment Methods and see. But it's not clear yet whether the data was harvested from their database or simply at the time of the transaction (i.e. pre-encrypted)

Did you have to buy something during that window or were they able to steal any data stored on the site? I haven't bought anything from them in a while but I saw 2 currently active cards on my account.

I don't think it's clear yet, but if they harvested CVV2 codes it would seem likely they were harvesting at the time of transaction, unless Gamestop was storing the CVV2 codes which would be a big black-eye for them since that is a no-no.
 
Paypal likely not affected?

Also why are people who haven't bought from them in years posting here? You don't have to act high and mighty when people's financial information might have been stolen. That's just shitty behavior.
 

Vaev

Member
I read the summary from OP but I still can't figure out if it's the website and retail or just the website... I recently got a few accessories for my Switch at a retail store, I wanna know if I'm at risk :/
 

Jayne

Member
Damn, literally had two unauthorized charges on my debit card last night. I have used that card several times on GameStop's site. I ain't sayin' it's connected for sure.. but that timing..
 

Tenumi

Banned
Hmm... I did buy something during the time period, but purchased as a guest. Nevertheless, I think I'd be best informing the card owner to keep an eye on it...
 

ViciousDS

Banned
Do the physical stores have the new CC chip readers or old school swipe?

I can't remember, I was there in JAN... first time in years... but it sounds this is online only.


If it's the physical card number with a security code they can actually force any machine with a combo setup. Where it accepts swipe and chip to accept the swiped
 

RootCause

Member
Is your card still on file with them? You can go to Account Details -> Payment Methods and see. But it's not clear yet whether the data was harvested from their database or simply at the time of the transaction (i.e. pre-encrypted)



I don't think it's clear yet, but if they harvested CVV2 codes it would seem likely they were harvesting at the time of transaction, unless Gamestop was storing the CVV2 codes which would be a big black-eye for them since that is a no-no.
I added my card on March 21.
 
Shit, that's where I got my Switch.

I used my Amazon Prime Visa there though and they just sent me a new one with a new CVV. Is that sufficient or am I going to need a new card?
 

Rootbeer

Banned
Need to know if Pick Up In Store orders are impacted (when placed online) :/

Ehh timeline is too sketchy for me, I got a new CC and added it on there but I honestly don't remember if that was after Feb or not... and I can't seem to tell which CC was used on specific orders.

Seriously though that is a HUGE window of time. Gamestop dun fucked up.

Having your CC # stolen from a website in 2017 is inexcusable... we need more laws that punish companies that don't properly encrypt that data and protect it. I get that hackers are going to try to break in and sometimes succeed... but they should never be able to find anything in an unsecured state
 

JayEH

Junior Member
Ehhh I ordered something there last month but didn't store my card info, would the hackers still have access to my card?
 
Fuck. I don't use GameStop in forever and then the Destiny 2 LE is announced as exclusive to them. I bite the bullet and buy it last week and now this. Thanks Bungie!
 

Head.spawn

Junior Member
If my credit card info is stolen from that one time i used that shit website to preorder Steam Link/ Steam Controller as soon as it went up for sale and then they fucked up my order and tried to tell me to wait with my thumb up my butt for another month for it to ship after launch...

I'll seriously rally the squad and egg that place.
 

Nudull

Banned
I only used Gamestop's site once, but that was with my old card + it was a long time ago. Either way, I should be safe.
 

Kyrios

Member
The one and only time I used Gamestop.com was in 2014 and I'm 99% sure it was with a now expired card. Either way this sucks.
 

Instro

Member
Yeesh, better get a new credit card.

Edit

Oh looks like I might be safe. All my purchases for them recently were with trade credit, and I don't have a CC attached to my account.
 

Opt1kon_

Member
thank goodness I've never ordered online, I will say tho I feel for those who actually do that can definitely be a sucky situation
 
I remember buying Hitman when it was 15 from them this past BF. Pretty sure I used PayPal though. Time to double check.

Edit: Yup PayPal saved my butt.
 

Velikost

Member
Fuck. Bought several digital codes from them around Black Friday time. Was hoping I paid with PayPal but I didn't.

My bank charges for new cards so I guess I'll just have to watch my account like a hawk for the time being...
 

ggx2ac

Member
Does this breach only affect Gamestop.com in the US or does it also affect their other regions around the world?
 
Noooooooo

... is what I would say, if reporting cc fraud wasn't so easy. Thanks for the heads up, OP, will keep an eye on the account.
 

diablogod

Member
My bank called me about fraudulent charges on the debit card that's saved to my GameStop a few days ago . I think the bank blocked them though because I see no activity. Time to get a new debit card I guess.
 

Usobuko

Banned
Don't save cards on any website. The cards I used to buy online stuff have less than $100 bucks in the account and I will get notified if anyone made any payment / transfer. Plus the last time I bought from gamestop was 2014.

So, I'm safe I guess.
 

big_z

Member
Don't worry i'm sure you'll be able to trade in your old credit card for a shiny new gamestop rewards* credit card!
 

Tubie

Member
Went through my card history and everything looks in order, even tho I made an online purchase during that time frame.

I'll call my bank and order a new card anyway just to be safe.

Considering the dire situation Gamestop is currently in, this is another blow when they are already down.

Can't say I feel too bad for them tho.
 

dafodeu

Member
You can use PayPal on Gamestop glad I always did to avoid these issues. I have bought from their website many times.
 
Top Bottom