Security Market Segment LS
Wednesday, 13 March 2019 19:00

Kathmandu store breached, credit card details at risk Featured

Kathmandu store breached, credit card details at risk Pixabay

Global outdoors apparel and equipment vendor Kathmandu Holdings has suffered a breach of its online trading sites and says it is carrying out an investigation to find out the nature of the hack.

The company said in a notice to the Australian Stock Exchange that it became aware of the breach between 8 January and 12 February.

Kathmandu uses the Magento e-commerce platform which has suffered numerous breaches over the years. Last year, the site of the smartphone company, OnePlus, which also runs Magento, was compromised.

Magento is owned by Abobe which it bought for US$1.68 billion in 2018. A study by security firm Trustwave in 2016 said Magento was "the e-commerce target of choice for hackers, with Magento installations accounting for 85% of compromised e-commerce systems".

The Kathmandu site is hosted in the US and uses the Cloudflare content delivery network which also protects against DDoS attacks. But a Netcraft site report shows it has neither DMARC nor SPF records to guard against spoofed emails which appear to come from its domain.

The company said in the statement that an unidentified third party had breached its website and may have stolen personal information of customers and credit card details.

Kathmandu is notifying customers who are potentially affected and advised those who feared they had been affected to contact their banks or credit card providers for advice on what they should do.

Chief executive Xavier Simonet said: "While the independent forensic investigation is ongoing, we are notifying customers and relevant authorities as soon as practicable.

"As a company, Kathmandu takes the privacy of customer data extremely seriously and we unreservedly apologise to any customers who may have been impacted."


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments