Magento Webshops and missing updates

It is incomprehensible to me how owners of online stores let them run on an old, no longer supported software versions. This is grossly negligent behavior, especially because a store administrator must be aware of this issue. In addition to the contact data of the customers, a breach can also affect their payment data. 

The largest Magento 1 exploit to date, which affected up to 2000 stores worldwide in September 2020, shows how vulnerable old systems are. These attacks are completely automatic nowadays, so it doesn't help to hide behind "It doesn't affect us, we're ....". (please insert appropriate adjective yourself)." Or to trust that everything went well in the past.  

If you look at the data from Builtwith on the use of Magento 1.9, you can see that over 4600 stores in Germany alone are still using an old Magento version. The previous versions (1.8, 1.7, ...) are not even included in this report.

The damage that can occur in the case of a successful attempt is often not known to those responsible. Not only do they suffer financial losses because the store no longer functions, customer confidence is reduced and future sales may be lost. According to the IT security law, it is also necessary to report the attack to the authorities. The effort required to fix a hack after the fact therefore involves considerable additional time and expense. Those responsible should proceed with greater caution here in particular, as severe penalties may well be imposed. For example, an online store operator from Lower Saxony had to pay a fine of €65,000 for using an outdated store system. Magento 2 was released in 2015, which is a similarly long time as the case from Lower Saxony, if you are still on Magento 1.

Therefore, remember that it is the website operator's duty to implement technical and organizational measures that ensure a level of protection appropriate to the risk to the data subjects.

Contact us at any time at dotsvarm.com and we will be happy to advise you on your Magento store update.

 

Image © www.pxfuel.com/en/free-photo-euyes

Header image of the article, shows a screen with some CSS code