258e2 logo - Gearbest security lapse exposed millions of shopping orders.
Apps Smartphones

Gearbest security lapse exposed millions of shopping orders.

So chinese online shopping giants Gearbest has just leaked millions of users profiles and shopping orders. Security researcher Noam Rotem found an Elasticsearch server leaking millions of records each week, including customer data, orders, and payment records.

Gearbest security lapse exposed millions of shopping orders. | Asus, Chinese, data breach, Gearbest, Huawei, Intel, lenovo, online shopping

The server wasn’t protected with a password, allowing anyone to search the data. This is a site ranked as 250th site in the world and they serve big companies like Huawei, lenovo,asus and intel. It was reported that their servers had no firewall protection whatsoever and so could be accessd by anyone who knows his way around computers.

The leak exposed lots of sensitive info about it customers like names🙊 addresses😓 phone numbers😱 email addresses🙉and customer orders and products purchased( that info on the wrong hands could be really dangerous). After techcrunch reviewed their database they found that you could also find the exact thing the customers bought.
Security researcher Noam Rotem said that “The content of some people’s orders has proven very revealing,Rotem also found a separate exposed web-based database management system on the same IP address, allowing anyone to manipulate or disrupt the databases run by Gearbest’s parent company, Globalegrow.

Gearbest security lapse exposed millions of shopping orders. | Asus, Chinese, data breach, Gearbest, Huawei, Intel, lenovo, online shopping

Advertisement

The exact date of the leak has not been specified yet but Data from internet scanning site Binary Edge revealed the database was first detected on far back as March 7(that way back🙀…).
Shenzhen-based Gearbest has a large presence in Europe, with warehouses in Spain, Poland, and Czech Republic, and the U.K., where EU data protection and privacy laws apply. Any company violating the General Data Protection Regulation (GDPR) can be fined up to four percent of its global revenue( if you do the math you’ll see 4% is a lot of $$$), this is not the first time the company has been involved in a huge breach of data, back in December 2017, the company confirmed accounts had been breached after what was described as a credential stuffing attack.

Gearbest security lapse exposed millions of shopping orders. | Asus, Chinese, data breach, Gearbest, Huawei, Intel, lenovo, online shopping

We are awaiting a report from the company on the case.

Advertisement
[Total: 0    Average: 0/5]

Emmanuel
Hello there I'm a tech-inclined geek, and I've always been a huge fan when it comes to anything tech, so I decided to share my knowledge with the online community and also share some of the latest buzzing news in the tech biosphere. i am dedicated to providing you guys with the best news updates. email: [email protected]
http://www.techcopp.com

Don't forget to leave a Reply