Noscript and similar probably prevented your data theft if you bought anything from the desktop (letting every site in the world shove random javascript down your cpu is bad):
https://www.volexity.com/blog/2018/09/1 ... in-newegg/
https://www.riskiq.com/blog/labs/magecart-newegg/
Not sure about those that used the phone app as some "custom" apps are really just simple web-wrappers for a mobile site, while others use dedicated APIs etc.