Hacking Group Targets Magento Ecommerce — Kalio Unaffected

Share on facebook
Share on twitter
Share on linkedin
Share on email
Photo depicting a data breach

Recently, a report published by threat intelligence firm Gemini Advisory disclosed security breaches at over 570 ecommerce websites spanning the past 3 years. A hacking group known as “Keeper” had broken “into online store backends, altered their source code, and inserted malicious scripts that logged payment card details entered by shoppers in checkout forms.” Most of the stores were small-to-mid-sized businesses and over 85% were running on Magento’s ecommerce platform.

We’re happy to report that Kalio customers were unaffected by this security threat.

That said, articles like this one remind us why it’s so important to remain vigilant to potential security risks and to continuously monitor, maintain, and develop ecommerce solutions that are highly resistant to potential intruders. It was no accident that this group targeted small-to-mid-sized ecommerce sites. Often, those companies lack the resources and/or security expertise required to protect and monitor their websites leaving vulnerabilities that hackers can exploit.

Kalio clients, unlike the companies above, specifically benefit from the Cloud Management Services and comprehensive focus on security found in our Power of One ecommerce approach. Kalio employs a dedicated Security Officer and 24/7 Operations Team that continuously monitors our systems and your website to ensure that your business runs smoothly. We also utilize the following key security components, verifiable during our annual onsite audits, to maintain our Level 1 PCI DSS compliance:

 

  • Our platform is architected specifically for our cloud hosting and security functions
  • We require 2 levels of authorization for accessing our Site Managers
  • Within our hosting, we monitor and manage who has access to our sites; we secure the data
  • All changes to our sites are audited and we provide visibility on the history of changes made
  • We use real-time intrusion detection and file integrity monitoring
  • Scheduled regular maintenance of sites to allow for necessary security updates & enhancements

 

Security breaches and these types of malicious attacks are painful realities in today’s world. However, they don’t have to be inevitable. Having tailored security solutions, a dedicated operations team keeping up with the latest security protocols, and implementing preventative measures to keep your customers’ data safe can minimize the risk. So you can focus on what really counts – growing your ecommerce business.