NIS America confirmed their online store was the target of a data breach, and any purchases from January 23rd to February 26th may be affected. According to an email posted on ResetEra, a malicious redirect was placed on the checkout page which would skim personal data, including credit card information. Orders placed with PayPal were unaffected, and Social Security Numbers are still safe. Purchases were still completed, and orders processed, but the thieves would be in possession of all of your financial info. It is worth noting, however, that the breach appears to have only affected information provided by users themselves, and did not actually affect NISA's stored data.
In response to the data breach, NIS America took the store pages offline for maintenance to "ensure something like this does not happen again." The SNK online store, which is run by NISA, was also affected. NISA is also offering a $5.00 discount code for users' next purchase in the online store. NISA did not say how many users might have been affected. This breach comes weeks after NISA announced several game releases for later this year, and opened preorders for Labyrinth of Refrain.
Obviously, any data breach is bad for a company, no matter the scope and scale. Users on Twitter and beyond were reporting fraudulent charges of hundreds of dollars, inevitably resulting in new credit cards and credit monitoring. Indeed, the EU-based security firm Gemalto runs the "Breach Level Index," which reports that well over nine billion data records have been stolen since 2013. A number that is likely far below the real total, either due to under-reporting or new discoveries, as is the case with the colossal Equifax data breach last year. With hackers targeting niche companies like NIS America, data breaches are an inevitability, not a possibility. Hopefully, NISA has installed enough safety measures to ensure a breach doesn't happen again.