Security news aggregator

Latest coverage for E-commerce

Stay secure with the latest e-commerce cybersecurity trends, news, and tips to protect your online business from cyber threats.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

E-commerce is the online sale of goods or services through storefronts, marketplaces, mobile apps, and supporting payment and fulfilment systems. Its important assets include customer identities and addresses, payment data or payment tokens, order records, pricing, and account credentials. Availability and transaction integrity matter alongside confidentiality: customers must be able to place orders, and prices, inventory, and delivery details must not be altered improperly.

Security concerns span public websites and APIs, account takeover and payment fraud, vulnerable third-party components, and integrations with payment, logistics, and marketing providers. TLS protects communications, while strong authentication, secure session handling, input validation, patching, and monitoring help protect accounts and transactions. Payment-card environments may fall under PCI DSS; privacy obligations also govern personal data. E-commerce operators need tested controls for detecting fraud, limiting access, preserving audit records, and responding when systems or transaction data are compromised.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view
Bank Info Security 2 months, 2 weeks ago

UK Biobank Health Data Listed for Sale on Alibaba

UK Government Said It Is Working With Chinese Officials to Remove ListingsThe U.K. government is working with Chinese officials to remove the sensitive de-identified data of 500,000 participants of the UK Biobank that was listed for sale on the Chinese e-commerce site Alibaba. U.K. officials said the incident did not appear to involve a cyberattack.

Seoul Accuses E-Commerce Giant of 'Self-Investigation,' Impeding Government ProbeSouth Korea's data protection watchdog told e-commerce giant Coupang to stop publishing its "self-investigation" findings into a massive data breach and demanded the interim CEO, a U.S. citizen, return to the country to meet with a police - drawing criticism from U.S. Republican lawmakers.

Critics of South Korea's Coupang Dismiss Offer as Marketing More Than CompensationAfter suffering a data breach that exposed personal data for two-thirds of South Korea' population, online retailer Coupang promised to distribute $1.2 billion in vouchers to "restore customer trust." But critics have accused the move of being more about marketing than true compensation.

Bank Info Security 6 months, 4 weeks ago

ISMG Editors': When KYC No Longer Signals Trust

Also: Cyber Insurers Brace for AI Risk, Shopping Agents Rewrite E-commerceIn this week's ISMG Editors' Panel, four editors examine how artificial intelligence is quietly reshaping trust, risk and decision-making, from identity verification and cyber insurance to the rise of AI agents in online shopping. The ISMG Editors' Panel runs weekly.

Bank Info Security 7 months, 2 weeks ago

South Korean E-Commerce Giant Coupang Probes Massive Breach

Chinese Developer Formerly Employed by Company Suspected of Data TheftSouth Korea's biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is a suspect.

Bank Info Security 7 months, 2 weeks ago

Ads Without Eyeballs: Online Shopping's AI Agent Problem

E-Commerce Face Existential Threat as Autonomous Shoppers Bypass AdsThe online retail industry spent decades honing how to nudge people into clicking the buy button. Now it faces a customer who doesn't want anything at all: the artificial intelligence shopping agent. Agentic commerce could hollow out retail media and force a shift in how platforms monetize.

Bank Info Security 1 year, 3 months ago

The Unbearable Drama of a PCI DSS Standard Rollout

Last-Minute PCI DSS 4.0 Changes Highlight Challenge of Battling Malicious ScriptsOn the eve of enforcement for version 4.0 of the Payment Card Industry's Data Security Standard, the council relaxed rules for smaller merchants pertaining to combating malicious scripts in their e-commerce environment. Cue confusion and ongoing cybersecurity questions.

Criminals Listed 269 Million Stolen Payment Card For Sale in 2024, Researchers FindIt's an old story: Criminals rake in profits by using digital "e-skimming" software, running scam e-commerce sites and selling stolen payment card data. Unfortunately, it's made continually new thanks to adaptability of cybercriminals, who keep their tool set relevant and ever more lucrative.

Bank Info Security 2 years, 3 months ago

TMChecker Tool Lowers Barrier for Malicious Hacking

Tool Is Available for $200 a Month on Hacking ForumsA new tool set on the dark web is gaining traction as an attack weapon to target remote access services and popular e-commerce platforms. TMChecker helps threat actors seeking to compromise corporate networks and gain unauthorized access to sensitive data.

Bank Info Security 2 years, 5 months ago

35.5 Million Customers Affected by Apparel Maker VF's Breach

Owner of Such Brands as North Face and Vans Says Business Mostly Back to NormalSkateboarding shoe and outdoor apparel maker VF Corp. said data pertaining to 35.5 million customers appears to have been stolen in a data breach it detected and disclosed last month. The breach disrupted e-commerce order fulfillment as well as inventory replenishment at retail stores.

Bank Info Security 2 years, 6 months ago

Amazon Appeals Privacy Fine of 746 Million Euros

E-Commerce Giant Accuses Luxembourg Regulators of Attacking the CompanyAmazon in a Luxembourg court Tuesday contested a once-record privacy fine levied against the e-commerce giant for its advertising practices by the diminutive country's data protection authority. The fine of 746 million euros stems from a 2018 complaint by French privacy group La Quadrature du Net.