Security Improvements for Our Ecommerce Customers

Read Time:33 Second

We were recently informed of a design flaw in our third-party ecommerce fulfillment system, cleverbridge, that could have potentially allowed customers to accidentally disclose their purchasing information (i.e., last 4 digits of credit card used, credit card expiration date, business contact information, product purchased and taxpayer ID, if provided) by sharing a private URL.

In response and out of an abundance of caution, we’ve worked with cleverbridge to implement additional controls to the ecommerce system to further reduce the risk of a customer accidentally sharing this information.

We would like to thank Lucas Lavarello of Kulkan Security and cleverbridge for their quick actions and collaboration.

Friday Squid Blogging: Cotton-and-Squid-Bone Sponge

Apps That Are Spying on Your Location

Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer

Slovakia Hit by Historic Cyber-Attack on Land Registry

Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you

Medusind Breach Exposes Sensitive Patient Data

Fake PoC Exploit Targets Security Researchers with Infostealer

Smashing Security podcast #399: Honey in hot water, and reset your devices

Space Bears ransomware: what you need to know