The Week in Commerce: September 26, 2014

This weeks update is primarily security focused as there were numerous security related stories in the news. Full transcript below.


If the video doesn’t display, it can be viewed on the Carlson On Commerce channel on YouTube.



Hello.  Kevin from Carlson On Commerce back with more top eCommerce stories from last week.

Chip and pin credit cards are what everyone is talking about these days, mostly because of the high-profile data breaches that have happened over the past year.  While I look forward to seeing the US adopt more secure technology that, by the way, has been in place in Europe for two decades, it’s going to cost a lot to get things up and running.  How much? Well, it’s estimated to be almost 9 billion dollars.  One thing to look for in addition to the updated cards and terminals is how the industry will shift liability to the party with the least secure technology.

eBay could be trading user security to make seller site updates more convenient. Currently, hackers can use malicious javascript code to send users to malicious sites with a familiar look-and-feel and then attempt to steal usernames and passwords.  According to the BBC, this vulnerability has been exploitable since February of this year.

Bigger than Heartbleed?  This shell script vulnerability made waves this week when it was disclosed that a 25 year old vulnerability could be exploited on any computer running the popular Bash shell. It’s so dangerous because of the number of programs that interact with the bash shell. That includes Linux — and Macs, by the way. There are fixes available and you should patch things quickly before your site becomes a victim of this latest exploit.

And since I opened this video talking about chip-and-pin, it’s only fitting to end with a story on yet another data breach.  Jimmy John’s experienced a data breach that affects customers nationwide. The cards that were impacted were only those swiped on location at a Jimmy John’s restaurant.  The good news is that the issue has been fixed.  Some Jimmy John’s customers report that in spite of the data breach, they are still frequenting the chain because, well, they still make a pretty mean sandwich.

And that’s the week in Commerce for the week ending September 26, 2014.


Add Comment