Želimo da vas obavestimo da su Intersport web stranice u Hrvatskoj, Sloveniji, Srbiji, Bosni i Hercegovini i Crnoj Gori, zlonamerno napadnute.

U hakerskom napadu na pomenutim web lokacijama, ugrađen je kod koji je trebalo da skenira podatke o platnim karticama. U Intersportu smo reagovali čim je otkriven zlonamerni kod  koji je odmah uklonjen.

Nije došlo do zloupotrebe podataka o platnim karticama, jer se podaci o platnim karticama obrađuju isključivo kod nezavisnog pružaoca platnog prometa Wspay, na koji hakerski kod nije mogao da utiče.

Emir Dizdarević, izvršni direktor WSPay-a je izjavio: “Kao pružalac usluga plaćanja za Intersport grupu, možemo potvrditi da su svi podaci o platnim karticama uneseni u WSPay stranicu za plaćanje sigurni i da na njih nije uticao hakerski napad.” WSPay koristi sve metode u skladu s PCI DSS L1 sertifikatom za siguran unos i prenos podataka o platnim karticama kao i sve ostale podatke koji se unose u WSPay stranicu za plaćanje.

Partnerska agencija Intersporta, Optiweb, odgovorna za razvoj i održavanje Intersportovih web stranica detaljno je proverila i dijagnostifikovala napad. Miha Lavtar, izvršni direktor Optiweba, izjavio je: “Na osnovu podataka dnevnika događaja i ograničenog pristupa korisničkih imena možemo zaključiti da napadači nisu uspeli da dobiju podatke o platnim karticama ili lične podatke koji se odnose na korisnike Intersporta.”

Situacija se pažljivo nadgleda i primenjujemo dodatne preventivne sigurnosne mere u saradnji sa Optiwebom i njihovim partnerima koji brinu o infrastrukturi servera. Online kupovina na svim Intersport web stranicama ostaje sigurna za sve kupce.

Za dodatne upite kontaktirajte:

Andrea Filipović, Dialog komunikacije

andrea.filipovic@dialog-komunikacije.hr

mob. +385 91 54 70 129

Press statement

We would like to inform you that Intersport has recently witnessed a malicious attack on Intersport websites in the region, specifically in Slovenia, Croatia, Serbia, Bosnia and Hercegovina and Montenegro.

In this hacking attack, a code was installed on our websites with purpose to scan payment card data. Intersport reacted immediately upon discovery and the suspicious code was removed.

No payment card information were intercepted, as online card payments are processed through independent WSPay payment platform, which was not affected by the malicious code.

Emir Dizdarević, CEO of WSPay, said: “As a Payment Service Provider for Intersport group, we can confirm that all the payment card details entered into WSPay payment Form are secure and were not affected by this cyber attack.” WSPay uses all methods in accordance with PCI DSS L1 certification to secure entering and transfer of payment cards data as well as all other information entered on WSPay Form.

Intersport’s partner agency Optiweb, responsible for the development and maintenance of Intersport’s web pages, has thoroughly checked and diagnosed the attack. Miha Lavtar, CEO of Optiweb, said: “Based on the event log data and the limited access of the usernames, we can conclude that attackers have not been able to gain any payment card data or personal data related to Intersport users.”

The situation is further monitored and Intersport is applying additional preventive security measures in cooperation with Optiweb and their server infrastructure partners. Online shopping on all Intersport web pages remains safe for all customers.

In case of additional questions, please contact:

Andrea Filipović, Dialog komunikacije

andrea.filipovic@dialog-komunikacije.hr

cell. +385 91 54 70 129