The hacker attack against the websites Americanas.com, Submarino and Shoptime, which are offline, raised the alarm among consumers and digital security companies that personal data had been exposed.
The hacker attack began on Saturday (19) morning, and the company sought to take down the website and application of Americanas.com and Submarino in order to try to keep customer data safe. As these are ecommerce platforms, passwords, CPFs, addresses and payment information are present in the databases.
Americanas SA, owner of the three platforms, said in a statement that it “proactively suspended part of the servers in the ecommerce environment and works with technical and specialist resources to safely normalize it as quickly as possible”. The Submarino and Shoptime websites present similar announcements, and also remain unavailable.
Procon-SP notified Americanas this Monday to present explanations about what happened on the company’s websites over the weekend. The municipality wants to know if the attack affected the company’s database and if the retailer adopts security measures to protect personal data from unauthorized access.
“With the data breaches we’ve seen over the last year, the general guideline is for people to frequently change their passwords, as thousands of them are available on the Deep Web,” recommends Emilio Simoni, chief security officer at PSafe.
Simoni cites a survey by the company that shows that 80% of Brazilians rarely or never change their passwords on the internet, which he considers an extremely dangerous habit.
The expert also warns of suspicious emails and phone calls after large data breaches, as this information can be obtained and used by criminals to apply scams.
“The general guideline is that people do not save banking information on websites and be on the lookout for any suspicious movement,” he said.
For Eduardo Nery, CEO of Every Cybersecurity and GRC, “if a data leak occurs, the user must be alert at all times. With this information [disponíveis]it is possible to open current accounts in digital banks, access other sites and make transfers”.
He suggests that the user use strong and distinct passwords for each website and virtual credit cards when making purchases over the internet, which are easier to block if bank details are exposed.
Americanas SA, whose internet sales accounted for 77% of the total in the last quarter of 2021, has lost about R$220 million in revenue so far, according to retail experts. The company’s shares were among the biggest drops in Monday’s trading session. The share price dropped 6.61%, to R$31.49.
Learn how to protect yourself in case of data breaches
- Have a security solution installed on your device
- Change personal passwords frequently, preferably stronger ones with special characters
- Avoid clicking on links from unknown sources, especially those shared via messaging apps like WhatsApp and social media
- Use two-factor authentication
- Create the habit of doubting the information shared on the internet and never report sensitive data on links of dubious origin
- Use virtual credit cards with every new purchase on the internet
- Keep device operating systems up to date
- Always try to confirm the veracity of the information on the official pages and websites of the companies
- Make sure a link is trusted on the dfndr lab website, PSafe’s cybersecurity lab
I have over 8 years of experience in the news industry. I have worked for various news websites and have also written for a few news agencies. I mostly cover healthcare news, but I am also interested in other topics such as politics, business, and entertainment. In my free time, I enjoy writing fiction and spending time with my family and friends.
