Active on several platforms of large retailers, the marketplace integrator HariExpress had 1.75 billion data (610 GB) exposed, according to a report by SafetyDetectives, a group of researchers investigating Internet leaks.
Brazilian, HariExpress provides services to sellers (sellers) who advertise products on platforms such as Magazine Luiza, Free market, shopee, Amazon and those of the group American (Americanas.com, shoptime, Submarine and I am b!). In addition, among HariExpress partners are also the post offices.
The integrative platform gathers all the information and accounts of a small seller in the most different sales channels. For example, stock photos are placed on this platform and distributed to seller profiles in each marketplace, and if a product is sold, this information is updated across all accounts.
According to the report, the leak exposed order data from customers who purchased online, such as name, email address, delivery address and telephone number. Sellers’ data were also exposed.
Despite the exposure of the data, it cannot be said that the data was captured by hackers.
Sought, the company informed the Value that he was “finding the facts” with the IT sector (information technology), “to understand the magnitude of what happened”. “We are committed to clarifying the facts and correcting the exposed flaws.”
O Free market informed that “committed to the security and protection of its users’ data, it has already asked Hariexpress for clarification on any incident and its impacts”.
O Magazine Luiza reported that “it counted on HariExpress as one of its integrators for a period of ten months. During that period, HariExpress added only 30 sellers to the company’s platform and registered 12 sales made”. “So far, Magalu has not registered any data leaks and is constantly monitoring the security of its information.”
Correios and Americanas were also contacted for the report, but did not respond until the publication of this note.