GRAPEVINE – GameStop is investigating the possibility of a major database breach that has compromised credit card numbers and detailed information belonging online customers of gamestop.com.
KrebsOnSecurity is reporting the Grapevine-based company was notified by a third party when a massive amount of credit cards were put up for sale on a black market website. Information suspected of being compromised from the video game retailer includes the customer name, address, credit card number, expiration date, and the CVV2 verification number, usually a 3-digit code.
It is illegal for vendors to store the CVV2 number, but some malicious software can record the codes before the data is encrypted and processed.
GameStop operates more than 7,000 retail stores across the U.S., Australia, Canada, Europe, and New Zealand.