No wonder that online shops have long been the focus of cyber criminals. The Federal Office for Information Security ( BSI ) therefore conducted a study to examine the security properties of shopping platforms. These are software products that online retailers use to create their web shops. The results show important needs for action.
Tense security situation also in online shops
The cyber security situation in Germany is considered tense . According to the BSI's findings, this also applies to areas of the digital consumer market. In this context, attacks on customer databases of online shops are particularly important topics. These mostly involve unauthorized interception and disclosure of sensitive consumer data – so-called data leak incidents. As part of a study that has now been published, the BSI examined software products for online shops for vulnerabilities and found a total of 78 security gaps - some with serious effects on the IT security level of consumer data.
Inadequate password policies across the board
Almost all products examined as part of the BSI study had an inadequate password policy. JavaScript libraries that were vulnerable to known vulnerabilities were identified in seven out of ten shop software products. In half of the products examined, the BSI identified software that had exceeded the official end-of-life date and therefore no longer received security updates. The BSI treated the identified vulnerabilities as part of the so-called coordinated vulnerability process and made the affected software manufacturers aware of the problem. The BSI calls on manufacturers of shop software to immediately provide updates for identified IT security gaps and appeals to operators of online shops to implement these as quickly as possible or, alternatively, to switch to secure products.
Responsibility for manufacturers and retailers
BSI Vice President Dr. Gerhard Schabhüser makes it clear:
Dr. Gerhard Schabhüser, BSI Vice President
“This study shows that the responsibility for safe online shopping lies on both the manufacturer and the retailer side. In order to reduce the risk of future data leak incidents and achieve a sustainable increase in the IT security level of online shops, software manufacturers must regularly carry out vulnerability analyzes - from the BSI , already during product development.
In their own interest, online retailers should pay more attention to IT security when selecting their shop software in order to best protect their customers' data, says Schabhüser. In the final report of the study, the BSI provides online shop operators with appropriate guidance.
Despite the known risks, consumers like to shop online
A consumer survey conducted alongside the BSI study showed that around a quarter of all respondents had already been affected by data leaks while shopping online. Half of those surveyed were concerned about possible data leaks. However, the high proportion of those who stated that they shop online at least occasionally (91%) and the proportion of those who say they frequently shop online (55%) show that online shopping continues unabated for the majority of consumers despite known risks is attractive.
BSI Vice President Schabhüser emphasizes in this context:
Dr. Gerhard Schabhüser, BSI Vice President
“Consumers can and should also make a responsible contribution to the security of their data when shopping online.”
The BSI provides information on measures for safe online shopping and first aid measures for those affected by data leaks
Source:
BSI Federal Office for Information Security
Already read? A photo of a carnival float with the butt of the American advertising character Uncle Sam is currently circulating online. Annalena Baerbock's body is in this. A Mimikama fact check: Fake: Carnival float with Annalena Baerbock
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

