Unsecured Gearbest server exposes millions of shoppers and their orders

Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. What kind of data was exposed? According to Rotem, the … Continue reading Unsecured Gearbest server exposes millions of shoppers and their orders

Chinese e-commerce giant Gearbest leaks millions of records, researcher finds

An unsecured database has exposed records about millions of customer transactions from the Chinese e-commerce giant Gearbest, security researcher Noam Rotem has announced. Databases of orders, payments and invoices and customer information were exposed, compromising more than 1.5 million records, according to Rotem’s research published by VPN Mentor. It was not immediately clear how long the records have been exposed, though Rotem reported the databases were found unprotected this month. Payment information, products purchased, shipping addresses, and customer data including names, IP addresses and national identification and passport information was all among the data exposed. “Gearbest’s database isn’t just unsecured,” VPN Mentor noted in a blog post. “It’s also providing potentially malicious agents with a constantly-updated supply of fresh data.” Gearbest is owned by the Shenzen-based e-commerce giant Gobalegrow, a cross-border retailer specializing in the sale of electronics and computer accessories. On its website, Gearbest says it works with more […]

The post Chinese e-commerce giant Gearbest leaks millions of records, researcher finds appeared first on CyberScoop.

Continue reading Chinese e-commerce giant Gearbest leaks millions of records, researcher finds