The Latest in IT Security

Millions of online shoppers could be at risk from hardcoded Shopify tokens

13
Feb
2023
Millions of online shoppers could be at risk from hardcoded Shopify tokens

image credit: unsplash

Millions of Android ecommerce app users are at risk of having their sensitive data accessed by crooks, researchers have claimed.

A recent report by CloudSEK’s BeVigil says researchers uncovered 21 ecommerce apps with 22 hardcoded Shopify API keys/tokens which could expose personally identifiable information (PII) of roughly four million users.

“By hardcoding the API key, the key becomes visible to anyone who has access to the code, including attackers or unauthorized users. If an attacker gains access to the hardcoded key, they can use it to access sensitive data or perform actions on behalf of the program, even if they are not authorized to do so,” the company said in a press release.

Read More

Comments are closed.

Categories

SATURDAY, JUNE 22, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments