Photo by Ethan Miller/Getty Images

A very bad year for GameStop got even worse this week, as the retailer sent out letters to online customers informing them that their credit cards may have been stolen.

In the letter, which several Kotaku readers (and an editor-in-chief) received yesterday, GameStop says that breachers may have obtained names, addresses, and credit card information from anyone who “placed or attempted to place orders on our website from August 10, 2016 to February 9, 2017.”

“We are notifying you because you placed or attempted to place an order on www.GameStop.com during this time period using a payment card ending in [number],” the letter says, confirming a report from earlier this year.

Advertisement

In a statement to Kotaku this morning, the company said: “GameStop identified and addressed a potential security incident that was related to transactions made on GameStop’s website during a specific period of time. GameStop mailed notification letters to customers who made purchases during that time frame advising them of the incident and providing information on steps they can take.”

Advertisement

This news comes at a tough time for GameStop. The retailer has been struggling to adapt to the video game industry’s move toward digital games, and it has taken fire for its controversial Circle of Life program, which uses quotas to measure employee performance.