Želimo da vas obavjestimo da su Intersport web stranice u Hrvatskoj, Sloveniji, Srbiji, Bosni i Hercegovini i Crnoj Gori, zlonamjerno napadnute.
U hakerskom napadu na pomenutim web lokacijama, ugrađen je kod koji je trebalo da skenira podatke o bankovnim karticama. U Intersportu smo reagovali čim je otkriven zlonamjerni kod koji je odmah uklonjen.
Nije došlo do zloupotrebe podataka o bankovnim karticama, jer se podaci o platnim karticama obrađuju isključivo kod nezavisnog pružaoca platnog prometa Wspay, na koji hakerski kod nije mogao da utiče.
Emir Dizdarević, izvršni direktor WSPay-a je izjavio: “Kao pružalac usluga plaćanja za Intersport grupu, možemo potvrditi da su svi podaci o bankovnim karticama uneseni u WSPay obrazac za plaćanje sigurni i da na njih nije uticao hakerski napad.” WSPay koristi sve metode u skladu s PCI DSS L1 sertifikatom za siguran unos i prenos podataka o bankovnim karticama kao i sve ostale podatke koji se unose u WSPay obrazac.
Partnerska agencija Intersporta, Optiweb, odgovorna za razvoj i održavanje Intersportovih web stranica detaljno je provjerila i dijagnostifikovala napad. Miha Lavtar, izvršni direktor Optiweba, izjavio je: “Na osnovu podataka dnevnika događaja i ograničenog pristupa korisničkih imena možemo zaključiti da napadači nisu uspjeli da dobiju podatke o bankovnim karticama ili lične podatke koji se odnose na korisnike Intersporta.”
Situacija se pažljivo nadgleda i primjenjujemo dodatne preventivne sigurnosne mjere u saradnji sa Optiwebom i njihovim partnerima koji brinu o infrastrukturi servera. Online kupovina na svim Intersport web stranicama ostaje sigurna za sve kupce.
Za dodatne upite kontaktirajte:
Andrea Filipović, Dialog komunikacijeandrea.filipovic@dialog-komunikacije.hr
mob. +385 91 54 70 129
Press statement
We would like to inform you that Intersport has recently witnessed a malicious attack on Intersport websites in the region, specifically in Slovenia, Croatia, Serbia, Bosnia and Hercegovina and Montenegro.
In this hacking attack, a code was installed on our websites with purpose to scan payment card data. Intersport reacted immediately upon discovery and the suspicious code was removed.
No payment card information were intercepted, as online card payments are processed through independent WSPay payment platform, which was not affected by the malicious code.
Emir Dizdarević, CEO of WSPay, said: “As a Payment Service Provider for Intersport group, we can confirm that all the payment card details entered into WSPay payment Form are secure and were not affected by this cyber attack.” WSPay uses all methods in accordance with PCI DSS L1 certification to secure entering and transfer of payment cards data as well as all other information entered on WSPay Form.
Intersport’s partner agency Optiweb, responsible for the development and maintenance of Intersport’s web pages, has thoroughly checked and diagnosed the attack. Miha Lavtar, CEO of Optiweb, said: “Based on the event log data and the limited access of the usernames, we can conclude that attackers have not been able to gain any payment card data or personal data related to Intersport users.”
The situation is further monitored and Intersport is applying additional preventive security measures in cooperation with Optiweb and their server infrastructure partners. Online shopping on all Intersport web pages remains safe for all customers.
In case of additional questions, please contact:
Andrea Filipović, Dialog komunikacije
andrea.filipovic@dialog-komunikacije.hr
cell. +385 91 54 70 129