Brecha exposes 1.7 billion records of Brazilian e-commerce platform

An unprotected server revealed 1.7 billion records of sellers, users and customers of Hariexpress, a Brazilian e-commerce integrator. In the infrastructure freely available on the internet were sensitive data from users and partners of the platform, which is used to make sales from the main e-commerce networks in the country; among the available platforms are Mercado Livre, Amazon, B2W Digital, Magazine Luiza and Cloudshop.

  • Twitch source code and confidential information leak on the internet
  • Data leakage reaches 38 thousand customers of Multilaser Giga
  • 14 One thousand Gmail accounts are targets of Russian virtual attack with phishing bait
  • The discovery of The infrastructure was made by Anurag Sen, a researcher who led the Cybernews security team. It is, according to the analysis of an ElasticSearch server that seemed to contain the huge amount of details about transactions involving Hariexpress systems, with the right to personal data of consumers of the marketplace products as well as of the administrators of these spaces.

    The first group includes information such as full names, telephone numbers, addresses and emails, as well as details of purchases made, amounts paid, dates and even photos of products upon delivery, as well as package tracking codes and links. Banking information, however, is not part of the volume, which, on the other hand, contains orders relating to intimate and sexual items, as well as sensitive records that should not be publicly available.

    Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News.

    Every day a summary of the main news in the tech world for you!

    In the second set, however, is the most serious exposure. The server contains, in addition to the personal data of the platform partners and documents such as CNPJ and CPF, the dates, times and prices of the products sold, as well as copies of invoices. To make matters worse, usernames and passwords for the profile on the Hariexpress platform were also found by the researchers, further increasing the dangers involved in opening and enabling scams on other platforms if credentials are shared.

    Data samples exposed on a server belonging to Hariexpress, with information from users and customers of marketplaces integrated by the platform (Image : Reproduction/Cybernews)

    According to the Cybernews survey, it is impossible to know exactly how many individuals were affected by the leak, but with a total of more than 1,75 billion records, experts speak of at least a few million Brazilians affected. To make matters worse, the servers located were being updated in real time with more and more information, being available on the internet since May this year and increasing the total amount of data exposed each day.

    The researchers’ report states that a contact with representatives of Hariexpress was made in early July, with the company requesting a phone number and ceasing communication. Upon receiving the information about the case, in 14 September, the

    Canaltech

    also tried to contact the company by email and phone, without success; a return came only last Friday (27), after company representatives were searched through the social network LinkedIn. One of them sent a new e-mail address, to which information about the case was sent, but there was no return until the publication of the report — the data remains exposed and the server is open.

    Care you need to take

    515365 Shipping labels, tracking numbers and even proof of purchase from sensitive products are part of the volume, which can be used for fraud, scam attempts and extortion against users (Image: Reproduction/Cybernews)

    Cybernews points out that, despite the exposure of the data, it is not possible to specify whether third parties had access to the volume, in addition to the researchers themselves. Openings of this type, particularly with data that directly identifies users, can lead to phishing scams and social engineering attempts, primarily on behalf of e-commerce sites and Hariexpress itself.

    Therefore, the recommendation to users of marketplaces integrated into the platform is to pay attention to e-mails, direct messages and phone calls that request data, registration or payment information. Even if they mention real information about purchases made or personal information, such requests must be met only if the individual is sure of the veracity of the communication.

    Researchers also warn about the possibility of crimes in the real world , with exposed addresses that can lead to robberies in homes and businesses, while records of purchases, especially those involving intimate or sensitive products, can serve as an opening for extortion. Again, the recommendation is to be cautious with regard to contacts of this type.

    Meanwhile, for partners, the ideal is to change passwords for accessing the integrator’s systems and also the credentials of other profiles that share the same data. Combinations of this type must be unique and preferably random, combining uppercase and lowercase letters, symbols and numbers. It is also worth activating two-step authentication systems.

    Source: Cybernews

    Did you like this article?

    Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.

    515365 515365

    515365 515364

    Related Articles

    Back to top button