Magento ecommerce stores could be at risk of hackers

By Dan Wilson April 29, 2015 - 12:47 am

Security company Check Point claims it has discovered a serious security flaw in the Magento ecommerce platform. They claim the vulnerability could put shopper’s credit card, and other personal and financial details at risk.

The reported RCE (remote code execution) problem could leave as many as 200k Magento sites open to a hack attack, according to the Check Point press release.

Check Point alerted Magento to the problem in January and a patch (SUPEE-5344) was released on February 9th. If you’re a Magento merchant, then you’re well advised to check out that patch and apply it immediately.

Shahar Tal, Malware and Vulnerability Research Manager at Check Point Software Technologies says: “As online shopping continues to overpower in-store shopping, ecommerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information. The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores – which represents about 30% of the ecommerce market.”

  • Mike
    2 years ago

    Yep! Happened on a new Magento of ours. The payment page was emailing some gmail addresses.

    We moved to Shopify so we could focus on our business and not on running a web server. Magento is near dead in the water and time will tell how long eBay will sustain it.

    It had it’s day in the sun and the company is lucky they got out.

Recent Comments

1 hour ago
Danny: So why not offer this to businesses?? Oh no they want to charge us businesses...
5 hours ago
Simon E: Poor old posties. You can picture them at Christmas, getting back to the sorting...
7 hours ago
tyler: Not sure it was Rob that destroyed your business, but I am guessing that if...
10 hours ago
tyler: Rob does not need to understand how we all work and how differently we operate...