By secretly planting a few lines of code into Newegg’s website payment page, hackers were able to steal the credit card details of customers who made purchases between August 14 and September 18, TechCrunch reports.

The cyberattackers responsible are, reportedly, the same ones who attacked British Airways and Ticketmaster. Referred to as Magecart, the group used a technique described as a code-based credit card skimmer. As TechCrunch describes, “Hackers injected 15 lines of card skimming code on the online retailer’s payments page.” That code then pulled credit card data that customers entered and sent it to a server with a similar domain name. TechCrunch notes that the hackers’ server even used an HTTPS certificate to blend in.

Researchers pointed out that just a few lines of javascript can have devastating consequences.

Customers who shopped at Newegg’s site between August 14 and September 18 are advised to contact their banks and cancel their payment cards.

Get the full story at TechCrunch.