Over a million customer data from over 700,000 users from Media Markt, Kaufland and Otto, among others, were unprotected on the Internet for years, as a current report reveals. Apparently, customers have not been informed about the security gap so far.
Over a million data records from around 700,000 users from Media Markt, Kaufland, Check24, Otto and other platforms have been freely accessible online for years, as a report by Plusminus reveals. The reason is a massive security gap at an interface service provider. In addition to data such as the e-mail and postal address, order information and telephone numbers, the bank details of the users were apparently also freely available in some cases.
The market places on the sites where external traders can offer their products were particularly affected by the data leak. The retailers connect their product systems to the online marketplace via the interface service providers. The data of the users are also processed here.
According to the report, in addition to the platforms already mentioned, Tyre24, idealo, Hood and Crowdfox are also affected by the vulnerability.
Data leak at Media Markt, Kaufland and Otto: the gap had been known for months
As Plusminus found out, a programmer had already noticed the gap in the summer of 2021. The leak has already been closed, but customers have never been informed.
The platforms point out to ARD-Magazin that they are not responsible for the marketplaces under data protection law. Kaufland explains to Plusminus that it is only an “intermediary between customers and dealers”. The dealers themselves are the direct contractual partners of the customers, which is why they are also responsible for protecting user data. The fact that customers were not informed about the data leak is a “serious and scandalous process” for Stefan Brink, state data protection officer for Baden-Württemberg.
A Swiss security expert has already analyzed the data for Plusminus. However, since the data leak has existed for three years, it can no longer be determined whether bank details and the like were for sale on the dark web.
Tip: This is how you surf more securely on platforms such as Amazon or Media Markt
Basically a good tip for more security on online platforms: If you are registered on different sites, you should not use the same password for all of them. If you are afraid that you will get confused in view of the many different passwords, you can alternatively switch to a password manager. The best of their kind can be found here in our detailed test comparison:
Password manager test 2021: These services solve your password problem
Shop recommendation for antivirus
Offer from BestCheck.de | Prices incl. VAT plus shipping