eBay (Photo : Reuters)
A major security hole discovered from eBay's Magento platform was recently patched. The flaw could have allowed malicious users to steal confidential payment information form eBay's e-commerce operation.
According to IT Pro Portal, the security flaw will allow hackers to bypass all security protocol and can give complete administrative access into eBay's system. Once inside, hackers has full control of eBay's entire database thus allowing them to access customer's credit card information.
Check Point Software Technologies research manager for malware and vulnerability Shahar Tal said, "As online shopping continues to overpower in-store shopping, ecommerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information." Tal added that the recently uncovered security flaw from eBay could also pose serious threat to other online retail stores that uses the Magento Platform.
The security flaw was privately disclosed in order to prevent hackers from taking advantage. Check Point said that they have worked closely with eBay in order develop a patch to fix the problem before submitting it into the public domain. The patch was released on Feb. 9 and Check Point urged e-commerce website to apply the fix immediately in order to prevent hackers from exploiting it.
More than 30 percent of e-commerce website in the Internet uses the Magento platform. According to Internet Retailer, Magento Enterprise is a paid platform that is designed for larger and more sophisticated retail transactions. A free version of Magento is also available for smaller enterprise that has their own manpower to operate the platform.
Online e-commerce operators can visit Magento's official website to download the latest patch.
