NutriBullet Hack


The NutriBullet hack is an example of how a company could have avoided pain. NutriBullet has become the latest Magecart victim, with skimmer code planted within their domain in order to steal customer financial data. RiskIQ published their research on Wednesday of this week, and it makes very good reading.

You can read the research here.

Having read it, two questions immediately come to mind. Why did NutriBullet not respond to a responsible disclosure attempt by RiskIQ, and how did they not spot the skimmer themselves? If they had responded, the NutriBullet hack surely would have had less impact on the business.

Receiving Responsible Disclosure

No one wants to have security issues, but in the constantly evolving connected world it will happen sooner or later. One thing that the NutriBullet hack clearly demonstrates is that if they had been listening, the hack would have been spotted a lot sooner. So why not embrace responsible disclosure and hear about issues from the good guys, rather than get hacked and hear about it another way?

Security researchers, when they find an issue, will do their very best to communicate with the right person. So make it easy. Put a link in the footer of your website that leads to a page providing all the information a researcher needs to report an issue. For example, in our footer we have a link to our “Responsible Disclosure” page.
