Companies such as kaufland, otto, check24 and idealo provide smaller workers an online marketplace where you can offer your goods. The data of the end customers of these handlers have not been sufficiently protected by a service provider. Name, address, account details and more information from around 700.000 people have been disclosed so.
The problem was at the access to the marketplace, as the mirrors reported. The service provider offers the corresponding interfaces for the connection, in this case modern solutions. Sellers and service providers are responsible for the settlement and thus the customer data. The marketplaces themselves are no contractual partners of the buyer.
Much insight for customer data, less at the company
Now an IT specialist on behalf of a single handler is to look at a technical problem and have discovered the safety chucks. Accordingly, modern solutions offers its customers, ie the retailers, direct access to the servers and the databases stored there. In addition, in the software, which must have all customers installed with themselves, "easily readable access data to this server" be, the equal mammals for all. Say: every customer was able to see the databases of all customers.
In addition, according to the IT expert, the software with the handler access data from modern solution by google search has been found, there was a free download link. Whether this has been exploited is unclear. Of the mirrors quotes from a statement from modern solutions to customers: "currently not known".
A first warning of modern solution was probably too "disabled repair attempts". The accesses are now interrupted. The company’s website leads to a liveticker, which should play the advances. Also, the e-mail address of the data protection officer is specified. The case was allowed to be relevant to data protection law.