A hacker brought down a French e-retailer by changing its IBAN to pocket customers’ money


Alexandre Boero

Clubic news manager

February 16, 2024 at 10:59 a.m.


A man about to click his mouse and possibly be hacked © SomYuZu / Shutterstock

The boss of the online site Boutique-rhum.com shared his experience as a victim of a cyberattack. A hacker managed to modify the company’s IBAN and payment page to collect money from customers.

In May 2023, Alex Guez, head of the online platform Boutique-rhum.com, had the very bitter experience of a cyberattack in which the site's payment page was modified. The manager had set up a virtual robot to monitor the customer journey, and this is what allowed him, at the time, to quickly detect the problem: the hacker had managed to enter his own IBAN in place of the company's.
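
A monitoring check of the kind described above can be sketched as follows. This is an added example, not the code of the robot Boutique-rhum.com used (the article does not describe it); the function names, the sample markup and the IBANs (public documentation examples) are assumptions.

```python
import re
from html import unescape

# Partial table of national IBAN lengths; extend it for the countries you care about.
IBAN_LEN = {"FR": 27, "DE": 22, "GB": 22, "ES": 24, "IT": 27, "BE": 16, "NL": 18}
CANDIDATE = re.compile(r"\b([A-Z]{2})\d{2}(?: ?[A-Z0-9]){12,30}")

def iban_is_valid(iban: str) -> bool:
    """Mod-97 check: move the first 4 chars to the end, map A..Z to 10..35."""
    if len(iban) != IBAN_LEN.get(iban[:2]):
        return False
    rearranged = iban[4:] + iban[:4]
    return int("".join(str(int(c, 36)) for c in rearranged)) % 97 == 1

def extract_ibans(page_html: str) -> set:
    """Return every checksum-valid IBAN found in the visible text of the page."""
    text = unescape(re.sub(r"<[^>]+>", " ", page_html))
    text = re.sub(r"\s+", " ", text)  # also folds &nbsp; into a plain space
    found = set()
    for m in CANDIDATE.finditer(text):
        # Drop grouping spaces, then cut trailing text using the country length.
        compact = m.group(0).replace(" ", "")[: IBAN_LEN.get(m.group(1), 0)]
        if iban_is_valid(compact):
            found.add(compact)
    return found

def check_payment_page(page_html: str, expected: set) -> list:
    """Return alerts; an empty list means only the expected IBANs are shown."""
    seen = extract_ibans(page_html)
    alerts = [f"unexpected IBAN on payment page: {i}" for i in sorted(seen - expected)]
    # Also alert when the known-good IBAN is gone: this catches a replacement
    # the extractor cannot parse (country not in the table, image, script).
    alerts += [f"expected IBAN missing: {i}" for i in sorted(expected - seen)]
    return alerts

# Constructed sample data (assumption): public documentation IBANs, made-up markup.
EXPECTED = {"FR1420041010050500013M02606"}
CLEAN_PAGE = "<p>Bank transfer: <b>FR14 2004 1010 0505 0001 3M02 606</b> REF ORDER</p>"
TAMPERED_PAGE = "<p>Bank transfer: <b>GB82&nbsp;WEST&nbsp;1234&nbsp;5698&nbsp;7654&nbsp;32</b></p>"

if __name__ == "__main__":
    for name, page in (("clean", CLEAN_PAGE), ("tampered", TAMPERED_PAGE)):
        print(name, check_payment_page(page, EXPECTED) or "OK")
```

Run from a scheduler against the rendered payment page, a non-empty alert list is the signal to page someone before further orders are paid to the wrong account.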

Fortunately, a rapid reaction after the cyber attack

At the time, Alex Guez thought he was the victim of a joke. He had installed his robot as a precaution and did not imagine that someone could replace the company’s IBAN with his own. Except that this doesn’t just happen to others, and the site’s payment page was indeed altered.

A crisis meeting was immediately organized, because all the money generated by purchases made by rum-loving customers was going directly into the hacker's pockets.

For the Boutique-rhum.com team, the priority was to restore the payment methods and put the correct IBAN back in place. Then a declaration had to be made to the CNIL, as required by the GDPR. The police were also notified, as was the site's insurer, although the policy did not cover cyber risk.

Insurance, server, outsourcing manager: to avoid another hiccup, Alex Guez changed everything

At Boutique-rhum.com, the focus was therefore on restoring services, analysing the hacker's actions and filing the declarations. Although the cyber incident was not covered by insurance, customers were informed of the attack, and steps were taken to minimize the impact on those who had made payments. This is something to work on in crisis management.

Some sales collapsed because of the payment problems. But with hindsight, Alex Guez confirms that the damage could have been much worse. The entrepreneur has since drawn lessons from the incident: he has strengthened the security of his site with an outsourcer, taken out insurance that protects him against cyber risk, and chosen a dedicated server.

All this costs more, but the manager sees it as a blessing in disguise. Today he is using his testimony to raise awareness and call for constant vigilance online, recalling that the Internet, “it’s a bit like the jungle”. The comparison does not seem so far from the truth.

Source: Le Parisien