online shopping concept woman with credit card on a laptop
News | Privacy

One in nine online stores are leaking your data, says study

Posted: February 14, 2023 by Malwarebytes Labs

eCommerce security company Sansec has revealed it’s found a number of online stores accidentally leaking highly sensitive data.

After studying 2,037 online stores, the company found that 12.3 percent exposed compressed files (in ZIP, SQL, and TAR archive formats), which BleepingComputer noted appear to be private backups containing master database passwords, confidential admin URLs of stores, full customer data (PII, or personally identifiable information), and internal API keys on public-facing web folders without requiring authentication.

The Sansec Threat Research group also found multiple attack patterns coming from various IPs, suggesting that a number of threat actors have known about this online store flaw and are working to exploit it.

In a post, the researchers said:

“We have observed automated attacks against online stores, where thousands of possible backup names are tried over the course of multiple weeks. Because these probes are very cheap to run and do not affect the target store performance, they can essentially go on forever until a backup has been found.”

Sansec urges online web store owners to make sure sure they aren’t leaking sensitive data. Start checking if backup files are open to the public internet and, if they are, close them immediately, and investigate the store for any signs of compromise. The company recommends the following steps to site owners in the event of accidental exposure:

  • Check server logs for signs of backup file downloads.
  • Check for unauthorized admin accounts.
  • Change all passwords.
  • Implement two-factor authentication (2FA).
  • Ensure the remote database admin panel isn’t showing up on the public internet.
  • Run an eCommerce malware scanner.

Lastly, to avoid creating accidental data leaks on online shops, Sansec advises owners to deploy store code on a read-only file system, schedule frequent backing up of files, restrict access to backup files, and start monitoring for online data exposure.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

RELATED ARTICLES

TikTok logo
News | Personal

TikTok comes one step closer to a US ban

April 24, 2024 - The US Senate has approved a bill that will ban TikTok, unless it finds a new owner, bringing it one step closer to being signed into law.

CONTINUE READING 0 Comments
UnitedHealth Group logo
News | Personal

“Substantial proportion” of Americans may have had health and personal data stolen in Change Healthcare breach

April 23, 2024 - UnitedHealth has made an announcement about the stolen data in the ransomware attack on subsidiary Change Healthcare.

CONTINUE READING 0 Comments
The Lock and Code logo, which includes the Malwarebytes Labs insignia ensconced in a pair of headphones
Podcast

Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09

April 22, 2024 - This week on the Lock and Code podcast, we speak with Justin Brookman about past consumer wins in the tech world, and how to avoid despair.

CONTINUE READING 0 Comments
Discord logo
News | Privacy

Billions of scraped Discord messages up for sale

April 22, 2024 - An internet scraping platform is offering access to a database filled with over four billion Discord messages and combined user profiles.

CONTINUE READING 0 Comments
week in security
News

A week in security (April 15 – April 21)

April 22, 2024 - A list of topics we covered in the week of April 15 to April 21 of 2024

CONTINUE READING 0 Comments

ABOUT THE AUTHOR

Malwarebytes Labs

Malwarebytes Labs

Contributors icon

Contributors

Threat Center icon

Threat Center

Podcasts icon

Podcast

Glossary icon

Glossary

Scams icon

Scams