Many online stores are exposing private customer data

Some stores are reckless with their data, report claims

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Many top online stores are exposing private customer data, putting both the business, and their users, at risk ofidentity theft, extortion attacks, and other cybersecurity incidents, new research has claimed.

Analyzing more than 2,000 online stores, Sansec found that 250, or approximately 12%, kept theirbackupsin public folders which are easily accessible to anyone who knows where to look.

The backups, mostly .ZIP, .SQL, and .TAR archives, contained sensitive information, such as databasepasswords, secret administrator URLs, internal API keys, and personally identifiable customer information.

Costly mistakes

Sansec says businesses kept these backups public either in negligence or in error.

At the same time, cybercriminals are well aware that businesses sometimes make these mistakes, and are always on the prowl for fresh victims.

“Online criminals are actively scanning for these backups, as they contain passwords and other sensitive information,” Sansec said in its report. “Exposed secrets have been used to gain control of stores, extort merchants and intercept customer payments.”

These countries have the most exposed databases online>Millions of MySQL servers found exposed online - is yours among them?>Check out the best security suites right now

Hunting for exposed backups is an automated practice, BleepingComputer said in its report. Attackers look for different combinations of possible names, using the site’s name and public DNS data, for example “/db/staging-SITENAME.zip”. These scans are inexpensive and don’t hurt the site’s performance, so hackers are free to conduct as many as they can.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

To tackle the threat, Sansec says, website owners and IT teams should regularly analyze their sites for databases exposed in error and out of negligence. In case they find such a database, resetting admin accounts and database passwords, and enabling MFA on all employee accounts immediately, is recommended.

What’s more, IT teams can check the web server logs to see if anyone downloaded the backup. They can also check admin account logs to see if any third-party accessed them.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time