Security gaps have been discovered in eBay’s Magento e-commerce platform. This ubiquitous platform is currently being utilized by more than 200,000 online stores. Of these some 71,000 stores have already been exploited by cyber hackers.
Check Point Software Technologies, a pure-play security vendor, announced early this week that their malware and vulnerability research group had discovered these serious breaches.
“As online shopping continues to overpower in-store shopping, e-commerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information,” said Shahar Talm, research manager at the Israel-based security firm. “The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores – which represents about 30 percent of the e-commerce market.”
The gap in the system allows hackers the ability to bypass security protocols and hack into customer payment data. This possible breach could open millions of online shoppers to the risk of credit card fraud.
This is the second time this year that such a security gap has been detected. Earlier this January, Check Point had issued an alert to eBay of a flaw. eBay promptly issued a security patch to address the problem. However, the patch does not appear to have done the job. eBay says it is not aware of any impacted customer data from the vulnerability.
Although online shoppers are at the mercy of online stores from which they make their purchases, here are some things to keep in mind when you buy online:
Look for the padlock in the URL. This indicates that the online shop uses HTTPS to encrypt data.
Don’t leave your credit card information on any website. Submit the data when you make your purchase, then promptly remove it from the site.
Check your credit card statement each month. Review every line of your monthly statement and look for discrepancies.