Yekaterinburg resident complained about repeated attempts of hacking her account in the online store Wildberries. Since the girl already hacked into the social networks, she set more restrictive authorization in the online store via SMS. The woman stepped away from the computer for a few hours, and during this time she three times received a message that someone is trying to get into her personal account Wildberries
Wildberries has not responded to a request by “FederalPress”. It is known that in March 2019 the representative of the online store stated that cases of hacking and leakage of personal data of the customers through mobile app was not.
Expert on information security company “Ekvid” Kirill Kazakov comments in the “FederalPress” noted that in Russia is not too concerned about the protection of personal data. “This is a priority issue for major services and shops, they are making efforts to protect their customers’ data. But small businesses are not always thinking about it. But not because they do not care about their customers, and because the issue is very complex,” explained the Cossacks.
If the level of data protection provided by the store, is low, the attackers can obtain access not only to the name, address and phone client data Bank card if it was used for purchases on this website. Therefore, it is important to consider how the store accepts and what he has done to the map data is not left in the wrong hands.
At the moment the highest international standard of data transfer security in e-Commerce is Level 1 PCI DSS. The sites on the platform “Ekvid” use technology to meet the standard: personal customer data remains protected. Thus the payment data store even does not collect: the customer enters the Bank card information right into the interface of the payment system. This eliminates an extra step in the transmission of information and improves security.
However, the buyer will not find out what made one or another store. Instead, the company recommends using simple but effective methods of security checks themselves. You should pay attention on website SSL certificate. For example, a site protected by such a certificate, “Yandex” notes icon in the form of a padlock. Doing the same browsers (Chrome, Safari, and other popular) in the string with the url of the website.
Need to know what method is accepted by online payment. It is recommended to pay by card for purchases only through well-known services and aggregators: Robokassa, Yandex office, a Bank, PayPal and others.
Kirill Kazakov noted that the absolute guarantee that personal information will not fall into the wrong hands, can not be. Lately, even such big corporations as Google is at the center of the scandal over leaks of data. To enhance the security expert advised to exercise caution when shopping online, put in their card limits for online spending, as well as used for purchases of individual email addresses.
“The case of the store specifically collected customer data and then hold them in some kind of fraud, our practice was not. If a leak happens, it is more likely to be carelessness by the seller: kept addresses and phone numbers of clients in a public document on the network, someone found and used. But to predict and to check in advance it is impossible”, — concluded the expert.
According to “Global study of leaks of confidential information in the first half of 2019,” prepared by the analytical center Infowatch, in the period, there were 1276 leaks of confidential information. Of these, 55.6% resulted from internal violations, and 44.4 per cent due to external impact. The total number of compromised records user data exceeded the figure of the first half of 2018, more than 3.6 times and amounted to 8.74 billion records.
A leading analyst of Infowatch Sergey Hiroc noted that in comparison with the same period last year an increase of leaks of confidential information amounted to 22%. Incidents ranged from small companies and global brands like Airbus, Apple, Facebook and Samsung. According to the analyst, in some cases, the damage amounted to hundreds of millions of dollars.
The analysis showed that the number of so-called “mega-leaks” (over 10 million records for one incident) had doubled during the study period there were 41 such leakage. Their share in the total volume of leaked data was 97%.
In 47.6% of cases the perpetrators of the leaks became current or former employees of the victim company, the motive of which was greed. It is also known that among the total volume of 74.3 per cent amounted to personal data of people. Another 10.8% — and payment data. Most incidents were recorded in the companies involved in hospitality, manufacturing and catering. Over 60% of leaks in such companies were deliberate in nature.
Infowatch analysts came to the conclusion that the impact of information regulation of States is small, because the number and magnitude of leaks is growing. For commercial companies, as ever it has become vital to protect data. Particular attention experts recommend to devote to counter the deliberate leaks of both staff and external sources.
Photo: FederalPress / Eugene Potorochin
Read more •••
Video of the day. Schooled: the police broke the glass in the bus