Hackers gained access to all GearBest user data (Updated)
News / December 19, 2019
The VPNMentor research team discovered a serious vulnerability in the databases of the online store GearBest. According to the experts, customer information is not protected at all the way it was claimed to be, which they describe in detail in a large report.
While testing GearBest's protection, VPNMentor's hackers easily gained access to customer names, passport data, passwords, accounts, delivery addresses, e-mail addresses, physical addresses, phone numbers, lists of purchased items, and much other highly sensitive information.
Using this data, the testers were able to log in to many accounts just as if they owned them. An attacker could then change all the personal information and, for example, simply change the delivery address on all orders.
Losing a purchase or an account this way is the lesser evil. It is more dangerous if the attacker tries to use the personal data obtained. In Russia, this set of data is enough to gain access to sites such as government services, banking applications, health information, and more.
In addition to user data, the hackers reached the internal data management systems of GearBest and of Globalegrow, the company that owns the shop. This level of access makes it easy to manipulate business data, change database properties, and even turn off the server entirely.
VPNMentor's hackers tried to contact representatives of GearBest and Globalegrow to inform them of the problems identified, but so far they have received no reply.
Update:
Representatives of GearBest reported that an internal review was started immediately after VPNMentor's report. It showed that the main database with customer information and transactions is fully protected by all necessary encryption. However, some confidential information is temporarily stored in external sources, and that information really was not protected.
GearBest uses external sources to store data in order to increase server efficiency and prevent overload. No information is stored there for more than 3 days, after which it is automatically deleted. Such data is protected from unauthorized access by a powerful firewall, but since March 1, 2019 this protection had been turned off by mistake by one of the employees.
All orders since March 1 have been rechecked, and the passwords of newly created accounts have been deactivated. All users who might be affected have been sent a letter explaining the situation and the conditions for reactivating their account. GearBest representatives sincerely apologize for the incident and give assurances that they will continue to improve their security system without compromising customer data.