Internet safety for eCommerce sites has been in the headlines again this past week as the report hit of a Magento bug which had left millions at risk. The flaw now fixed, Magento users are urged to install the Magento software updates as soon as possible.
The bug left Magento eCommerce websites at risk of attack or hijack by leaving hackers able to access and use administrator rights to the websites in question and thus able to retrieve personal and payment information.
Magento reacted quickly and a patch fix is available now. There have been no reports of security breaches as yet however those who shopped before the bug was found and fixed could be at risk.
The usual advice following a security breach applies:
• Change passwords, ensuring your password contains a lively mix of letters, numbers, capitals and characters for maximum protection.
• For purchasers, check debit and credit card statements thoroughly for any anomalies.
• Ensure a good antivirus program is installed on all devices
The bug was an XSS bug found in editions of Magento Community and Magento enterprise. It was found in the administrator’s backend, potentially opening up those administrator privileges to hackers. In theory it could have allowed hackers to bring in JavaScript code in customer registration forms that could be later used against affected customers.
Security Issues can happen with any eCommerce platform
Security issues like this can and do occur on a regular basis and its well worth doing your research when choosing your eCommerce provider. Choose a reputable provider with good reviews and a history of dealing with any software flaws and patches quickly and cleanly.
Shoppers can do little to protect against these incidences. The responsibility in true lies with the eCommerce provider. Using an eCommerce platform, like using any third party provider of services when delivering a product, products or service to consumers, is fraught with pitfalls. The reputation of your own brand and business is often at the whim of the providers you use and good care should be taken when selecting any provider.
Leave a Reply