By exploiting a vulnerability, strangers have access to the computer system of the electronic mail-order company Conrad Electronic. The company writes in a press release. The intruders "apparently had access to some of the customer data." Affected are the records of a total of 14 million customers.
In the database in question were "postal addresses, some e-mail addresses or fax and telephone numbers and in just under a fifth of the affected records also IBANs" had been saved, Conrad Electronic said. However, there is no evidence that the hackers actually used their access to the computers "to misuse data", ie to copy.
The security gap, which exploited the attackers, has been identified and closed by IT experts of the company, said the company from Hirschau in the Upper Palatinate. Customer credit card numbers and passwords are not affected by the incident.
LKA and data protection officers are informed
"Because of the unauthorized intrusion into our IT, we immediately filed a criminal complaint with the State Criminal Police Office and immediately informed the Bavarian State Office for Data Protection Supervision of the incident," says Tilman Scherer, responsible for corporate security at Conrad Electronic. "We work closely with the authorities to clarify the process and, if necessary, to draw further necessary conclusions."
On a specially created website, the mail-order company informs its customers about the incident, which is referred to there as a "data breach". The website warns customers to be extra cautious about "handling suspicious emails," especially when they ask you to open an attachment or enter passwords.
With such methods, for example, malicious software can be introduced to the computers of those affected. With imitated websites, cybercriminals also try to trick their victims into entering their passwords. The hints distributed by Conrad Electronic generally apply and should always be heeded, not only after hacker attacks.