Internet delivery storage safes HACKED containing $2 MLN worth of goods!

Science & Tech
RUSSIA BEYOND
Unidentified criminals hacked more than 2,500 storage safes in Russia, used for the delivery of goods from online stores. The storage spaces contained more than 149 million rubles worth of goods.

The virtual crime took place on December 4. The hackers broke into the PickPoint terminal system - a popular method of online store delivery, according to the company’s website. 

The hack was carried out by attacking the network providers controlling access to the terminals. In total, 2,700 terminals suffered out of a total of 8,000 owned by PickPoinit. The estimated value of the goods in the hacked safes was around 150 million rubles (approx. $2 million).

“PickPoint managed to deactivate 80 percent of the 2,737 machines affected, preventing the safes from being unlocked,” a company spokesperson said, adding that both staff and passersby took part in helping to close the doors. 

Still, the criminals managed to make away with about 1,000 orders, leading to PickPoint contacting the police. A criminal investigation into the theft has been launched, according to PickPoint’s general director, Nadezhda Romanova. 

As of December 7, the company claims to have returned operations to 95 percent capacity. Additional protection in the form of a new operating system is being installed, together with a new internal security policy. PickPoint says it has already allocated 10 million rubles (approx. $136,000) to aid the customers who suffered in the hack.   

This is the first time a crime of this sort has been perpetrated in Russia. The ease with which it was committed could be down to either a weak operating system, an inside job involving one of the company’s tech support staff, or with the help of a fired or otherwise disgruntled employee, according to Sergey Nenaknov, chief of security at the auditing and information security department at Infosecurity. According to him, if the crime was down to the software, the problem will not repeat; however, if the culprit is insider information, more attacks could be expected in the future.