Newegg customers were vulnerable to website hack for more than a month

If you’ve been jonesing to build a new PC, or just need to upgrade your graphics card, you may want to hold off purchasing anything from for a little while. The PC parts online retailer said on Twitter Wednesday that it discovered one of its servers had been injected with malware, potentially putting customer data at risk.

In the same tweet, Newegg said it had removed the malware and is researching to see what information may have been compromised and is “sending emails to customers potentially impacted.”

Newegg, founded in 2001, is one of the globe’s largest online retailers of computer parts, ranking No. 173 on Forbes’ list of the largest private companies in 2017 with 45 million unique visitors per month. According to Forbes, Newegg earned $2.7 billion in revenue the same year.

According to TechCrunch, hackers managed to inject 15 lines of credit card-skimming code onto the retailer’s payment page from Aug. 14 to Sept. 18.

In an email to customers sent out Wednesday, Newegg CEO Danny Lee stated that the company had not yet determined which customers have been affected. He also stated that the company will be releasing a FAQ on Friday to address common customer questions.

“The malware is no longer on our site and we will be doing our best to bring the culprits to justice,” Lee wrote.

A Newegg representative did not immediately respond to a request for comment.

Yonathan Klijnsma, a threat researcher at cybersecurity company RiskIQ, told TechCrunch that the hack looked similar to one carried out by a group known as Magecart against British Airway two weeks ago. Conveniently enough for Magecart, their hack worked on both Newegg’s desktop and mobile storefronts.

“While some Magecart groups still target smaller shops, the subgroup responsible for the attacks against Newegg and British Airways is particularly audacious, performing cunning, highly targeted attacks with skimmers that seamlessly integrate into their targets’ websites,” Klijnsma wrote in a RiskIQ blog.