December 20, 2019
The Ministry of Economy, Trade and Industry (METI) hereby announces that EC-CUBE Co., Ltd. found that certain versions of EC-CUBE contain a vulnerability and other weakness that may cause leakage of credit card numbers and other personal information. To address this situation, METI recommends operators of online shopping operators making use of EC-CUBE to pay attention to the following points.
- The company found that websites of online shopping malls, which have been built by EC-CUBE, a package product for building websites developed and provided by the company, have been modified by taking skillful advantage of a vulnerability and other weakness of the product. This unauthorized modification has been causing many victims to have their credit card numbers and other personal information stolen.
- According to the data, the company confirmed that as of today in 2019, approximately 140,000 cases of credit card numbers and other personal information were leaked.
- In light of this serious damage caused by the product, METI recommends operators of online shopping malls making use of the product to
- If you have any questions on how to address this issue, contact the following contact counter.
Contact counter on this issue:
EC-CUBE Co., Ltd.
Service hours: From 10:00 to 12:00 and from 13:00 to 17:00, except Saturdays, Sundays, national holidays and the year-end and New-Year
Note: For details of this issue, visit the following website:
Division in Charge
Commerce Supervisory Division, Commerce and Service Industry Policy Group