The Chinese online retailer Gearbest sells its products worldwide and is one of the most successful Internet retailers in the world. The corresponding website is one of the 250 most visited websites in the world. Now security researcher Noam Rotem found out that some customer data of the dealer are freely accessible.
In addition to the general customer data, Rotem was also able to view the order history and payment data. All this information is freely accessible over the Internet and can therefore be seen and used by anyone, which is certainly not in the interest of customers. Gearbest thus afforded a massive data protection glitch. However, the trader has not yet reacted to the breakdown report. The databases have not yet been secured either.
Among the customer data are among other things IP address, name, date of birth, address, nationality and password of the customers. Lists of all orders, order numbers and payment information can also be viewed. Also frightening: Rotem also...
