TechTarget

Ikea plugs website security breach

Ikea has plugged a major hole in its website security, that allowed hackers and phishers to use the "contact Ikea"...

Ikea has plugged a major hole in its website security, that allowed hackers and phishers to use the "contact Ikea" function on the site, to access the retail giant's email system.

The security flaw gave hackers and phishers full access to the resources of its email servers, allowing them to send bulk outbound mail via Ikea's email servers.

Geoff Sweeney, chief technology officer of IT security company Tier-3, said, "Ikea's problems were caused because the contact template on the firm's home page was inadequately secured, allowing hackers with criminal intentions to insert alternative e-mail addresses in a contact form.

"This basically allowed anyone with a little technical knowledge to generate millions of phishing and/or spam messages from Ikea's mail servers using a simple script. The potential damage to the company's reputation and possibility of email blacklisting could be significant."




CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close