Security flaw impacts 200,000 e-commerce sites

Monday, April 27, 2015 - 10:34 by David Aiken

A new issue with popular online retail platform, Magento, has been unearthed, leaving an estimated 15 per cent of all e-commerce sites vulnerable to exploitation, according to SC Magazine.

Security analysts at Check Point Technologies were the ones who revealed the issue with Magento’s coding, with the upshot being that millions of users are potentially at risk of having personal information stolen.

Online auction site, eBay, is one of the biggest names to use the Magento platform, although the good news for customers is that they can still carry out safe shopping online with this service, because information of the flaw was passed onto eBay earlier this year and it has patched the vulnerability in an update, to keep data protected.

However, many other sites are still running an older version of the platform, which means that the vulnerability will still be exploitable by cybercriminals until something is done to address this.

Check Point spokesperson, Shahar Tal, said that e-commerce sites were a huge target for hackers, which is why boosting security and keeping up with changes in the market are key to ensuring that customers can carry out safe shopping online.

Although there are hundreds of thousands of e-commerce sites out there, the reality is that most of them are based on the underpinnings of just a handful of software platforms, which are designed to handle orders with ease. And so when a security flaw is flagged up, it can have a wide ranging impact across the industry in the UK and internationally.

Customers also play a role in staying safe online, with the act of regularly changing the password used to log into an e-commerce site, one of the best ways to avoid being stung. But, ultimately, the retailers need to bear responsibility for protecting the data with which they are trusted.