Hackers Get NIS America Customer Data
NIS America, publisher of Japanese role-playing game franchises like Ys and Disgaea, suffered a major data breach that compromised customer data, according to International Business Times. In an email to affected customers last week, the company said hackers breached its online stores sometime between January 23rd and February 26th. They reportedly skimmed the personal information of customers who placed orders during that time, including names, addresses, credit card numbers, expiration dates, and email addresses. PayPal users were not affected.
Hello everyone, you may have received an email regarding a data breach of the NISA Online Store. This is a valid and legitimate email. Please stand by as we work on resolving the issue. Thank you for your patience and understanding!— NIS America, Inc. (@NISAmerica) March 1, 2018
"After entering their billing, shipping, and payment information, the customer would be temporarily redirected to an offsite web page not owned or operated by NIS America, Inc.," the email states. "This malicious process would record the information provided by the customer during the checkout process, including credit card information, billing address, shipping address, and email address. Afterward, the malicious process would return the customer to the NIS America store page to complete their transaction."
NIS America says it immediately took the stores offline when it noticed the issue and took steps to resolve it. It suggests cancelling affected credit cards and monitoring credit reports for any discrepancies. As an apology, it's also offering $5 discount codes for customers' next purchases.