NewEgg cracked in breach, hosted card-stealing code within its own checkout
arstechnica.comIs there a way to protect yourself as a user/client ?
If you use a credit card, you won’t be held responsible for any unauthorized charges that might result from breaches like this.
Is that an automatic process, or is it something I needed to specifically watch out for? (In other words, a headache)
A combination of both: the card company will notify you of known issues and clean up what they can, but they won’t catch everything. In any case, it’s a good idea to be regularly monitoring your card statement anyway because stolen card numbers aren’t the only issue with excessive charges you might face: there are also incorrect billing charges from legit vendors who made a mistake, being signed up for services you didn’t want (like the kind Wells Fargo was found guilty for doing), etc.
It's worse than a headache.
With debit cards, you don't get a refund.
With cc's, typically you will have to state that you did not know about the fraudulent charges and that you did not loan out your card.
Usually you get an immediate credit with 60 days for the bank to finalize it.
However, if the number was entered into a database, the merchant can keep billing forever. Sometimes changing the cc number works, but sometimes the bank "forwards" the new charges to your replacement card.