UK e-commerce provider data breaches: 1.3 million online fashion shoppers leaked

TrueMove H Data Breach

Recently, many shoppers who spend on British online clothing and accessories shopping sites have experienced an unpleasant thing because their personal information has been confirmed to have been leaked. The data breach involved multiple British fashion brands, and the cause of the incident came from their familiar IT service provider.

Such as Jaded London, AX Paris, Elle Belle Attire, Perfect Handbags, DLSB (Dirty Little Style Bitch) and such brands Traffic People are entrusted to web development and e-commerce company Fashion Nexus help them build their online store.

Unfortunately, Fashion Nexus seems to have had some problems with security management (Fashion Nexus and its sister company White Room Solutions declined to give specific reasons), resulting in a server that can be accessed publicly. Security researcher Taylor Ralston said on Monday that there is a shared database on this server that contains personal details of consumers on many online shopping sites.

In general, the information exposed online contains personal information about 1.3 million consumers, including md5 hash passwords, passwords, Salt values, names, email addresses, phone numbers, and other data. Fortunately, it does not involve clear payment card information.

 

Currently, consumers are unable to access information related to the event by visiting the official website of Fashion Nexus or White Room Solutions, as both companies now refuse to publish any public statements.

Taylor Ralston sent an email to White Room Solutions asking if he would post a statement. In response, the company said it had notified the affected brands and the Office of the Information Specialist (ICO) about the matter and would have these brands contact the affected consumers.

White Room Solutions also said in the reply that the data breach was caused by a security breach and has been fixed. However, it is also impossible to see information related to this data breach on the websites of affected brands. Taylor Ralston hopes to let consumers know about this incident through the media.

Via: grahamcluley