Security firm Check Point has gone public with a serious vulnerability in the e-commerce platform Magento, which is used by thousands of firms including its parent company eBay.
The firm discovered earlier this year that a critical remote code execution flaw in Magento could open merchant sites and their millions of customers to attack and data theft.
Check Point told eBay about the problem and said that a fix was released in February. The company is going public now because Magento has had sufficient time to inform its customers.
"As online shopping continues to overpower in-store shopping, e-commerce sites are increasingly targeted by hackers as they have become a gold mine for credit card information," said Shahar Tal, malware and vulnerability research manager at Check Point Software Technologies.
"The vulnerability we uncovered represents a significant threat not to just one store, but to all of the retail brands that use the Magento platform for their online stores, which represents about 30 percent of the e-commerce market."
Check Point advised merchants to update their systems with the February fix immediately, but warned that a number of companies may still be running a weakened e-commerce platform.
"Administrators are advised to monitor their logs for patterns matching the technical description of the vulnerability," said Tal.
Tal added that a failure to do this could prove very damaging at a time of increased security risks and heightened consumer awareness about privacy and protection.
"Like any other platform or system, e-commerce software can have flaws, so those running the platforms and those running stores on those platforms should ensure that they keep systems fully updated with the latest patches to minimise the window of risk," he told V3.
"Online stores and commerce sites are increasingly being targeted by hackers because of the credit card and personal information they hold.
"There are several UK firms using Magento, and the flaw could affect any [that] don't apply the patches."
Brands using the platform, according to Magento's own website, include Mothercare, Gant and Rosetta Stone.
Retailers and point of sale terminals are becoming increasingly attractive targets for cyber crooks as they hold reams of useful financial information that can be sold on black markets.