200K eCommerce Sites At High Risk For Hack

New data from Check Point Software Technology shows that there may be have been a “massive vulnerability” in the Magento eCommerce Platform that could have a significant impact on the security of the eCommerce Market.

Check Point, a pure-play security vendor, announced recently that their Malware and Vulnerability Research Group discovered gaps in eBay’s Magento eCommerce platform that could impact thousands of online shops. Check Point’s report shows that the security vulnerability could impact as many as 200,000 online shops.

“As online shopping continues to overpower in-store shopping, eCommerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information,” said Shahar Tal, Malware and Vulnerability Research Manager at Check Point Software Technologies. “The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores – which represents about 30 percent of the eCommerce market.”

The report from Check Point indicates that this security flaw could open millions up to credit card fraud and could put the data of online shoppers at risk. The flaw, as it’s explained gives the hacker the ability to breach online sites using the Magento platform — and its customer’s payments data. The vulnerability enables hackers to bypass the security in place and take over the store’s online database, which is where the credit card theft could occur.

Check Point alerted Magneto about the flaw in January — and Magento said it issued a security patch to address the flaw — but the news of the risk was just publicly released last week.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.

1 Comment