Tyler Cross
Kushicilelwe ngo: Mashi 28, 2024
I-Shaara, inkampani eyenza ama-plugin akwa-Shopify, ibe nokuvuza kwedatha okubalulekile okungazange kubonwe isikhathi esingaphezu kwezinyanga eziyisishiyagalombili.
Ngokusho kwabacwaningi abathole idatha, kungenzeka kakhulu ukuthi abaduni bafinyelele lokhu kuvuza kwedatha okungenani kanye, njengoba bathola inothi lesihlengo phakathi kwedatha ebifuna cishe u-$640 ku-Bitcoin.
Ukuputshuka sekukonke kuqukethe idatha engaphezu kuka-25 GB egcinwe kusizindalwazi se-Shaara's MongoDB efinyeleleke esidlangalaleni isikhathi esingaphezu kwezinyanga eziyisishiyagalombili. Idatha engabetheliwe iqukethe ama-oda angawodwana angaphezu kwezigidi ezingu-7.6 kanye nedatha yomuntu siqu kumakhasimende.
Noma ubani wayekhululekile ukuthi abheke amakheli e-imeyili ekhasimende, amagama aphelele, izinombolo zocingo, amakheli e-IP, amakheli asekhaya, imininingwane yoku-oda neyokulandelela i-oda, kanye nengxenye yemininingwane yokukhokha.
Ngemva kokubona ukuthi uShaara cishe wayengazi ngokuphulwa komthetho, abacwaningi beCybernews bathinta i-CEO, babazisa ngokwephulwa komthetho futhi bacela ukuphawula okwengeziwe. Ngenkathi inkampani ivala ngokushesha ukwephulwa komthetho, i-CEO ithe ukuputshuka bekungenayo imininingwane yamakhasimende ebucayi.
Ukuvuza kugqamisa inkinga enkulu engaphansi kwemikhuba ye-cybersecurity yakwaShopify. Izikena zayo zokuphepha ngokuvamile ziyehluleka ukubona amaphutha engqalasizinda engavikelekile, okuholela inqwaba yezinkampani ezifana ne-Shaara ukuthi zidalule idatha yekhasimende ebucayi.
Okunye ukuvuza kwedatha okutholwe ngama-plugin akwa-Shopify kufaka phakathi i-The Tribe Concepts, i-Mesmerize India, i-Snitch, i-Bliss Club, Ngokumema Kuphela, kanye no-Binky Boo okuke kwaba nokuvuza kwedatha okukhulu. Ezinye zalezi zinkampani zazinolwazi lokukhokha olufinyeleleka ngokugcwele.
Inkampani ngayinye icelwe ukuthi iphawule kabanzi, kodwa azikaphenduli.
Abacwaningi baveza ukuthi lolu daba aludalwanga abagebengu be-inthanethi abangochwepheshe abasebenzisa ubuchwepheshe bamuva kodwa izinkampani ezihlulekayo ukuhlangabezana nezindinganiso eziyisisekelo ze-cybersecurity. Ngisho nesoftware eyisisekelo yokubethela ibingavikela idatha yekhasimende uma kwenzeka kuvuza, enezixazululo ezilula nezifinyelelekayo njengokubethela kwe-256-bit AES okungakaze kuqhekezwe ngaphambilini.
- I-SEO Powered Content & PR Distribution. Khuliswa Namuhla.
- I-PlatoData.Network Vertical Generative Ai. Zinike Amandla. Finyelela Lapha.
- I-PlatoAiStream. I-Web3 Intelligence. Ulwazi Lukhulisiwe. Finyelela Lapha.
- I-PlatoESG. Ikhabhoni, I-CleanTech, Amandla, Environment, Ilanga, Ukuphathwa Kwemfucuza. Finyelela Lapha.
- I-PlatoHealth. I-Biotech kanye ne-Clinical Trials Intelligence. Finyelela Lapha.
- Source: https://www.safetydetectives.com/news/25gb-of-shopify-data-found-leaked/