eCommerce security has never been more important. This month the payment card industry requires that all card providers put a chip in their credit cards to boost security for in person transactions. As security tightens in physical retail locations attackers turn more attention online.
Magento is an attractive target as one of the most used eCommerce platforms. The more websites there are, the more money a hacker can potentially make. The Magento organization had the foresight to see the potential for attacks will increase this year. Services like Bugcrowd have been hired to attack Magento every conceivable way. The improvements we have seen to Magento in past months are the product of these proactive attacks.
The security issues Magento has uncovered in their testing are now public knowledge. This makes it easy for everyone to fix by patching their websites. Unfortunately this also makes it easier for hackers to gain access to unpatched stores. Certainly there are hacker groups that have made tools to automatically check Magento sites for these known security holes. Keeping your store patched is critical to avoid an embarrassing and costly security breach.
Use this tool to check if your website is safe: MageReport.com
Any issue reported in MageReport.com that is left unresolved is an invitation and instruction for a a hacker to get into your site.