Skip to main content

Ecommerce Platform X-Cart Hit By Ransomware Caused Outage

By November 18, 2020May 5th, 2022Cybersecurity

Do you sell goods and services directly from your company’s website? Do you use X-Cart to do it?

If you answered yes to both of those questions, you may have had some issues with your sales platform.

Thankfully, the issues now seem to have been resolved, but according to the software vendor that makes X-Cart, the issue stemmed from a ransomware attack the company recently suffered. It brought down customer stores that were hosted on the company’s platform.

While few details are known at this point, the issue seems to have arisen when attackers exploited a vulnerability in some third-party software that allowed them to gain access to X-Cart’s store hosting system. Jeff Cohen is the VP of Marketing for Seller Labs, which is the company that produced X-Cart.

Cohen had this to say about the matter:

“We have identified what we believed to have been the vulnerability but do not wish to disclose the name until its confirmed by our security firm.”

Reading between the lines of this statement, it appears that the investigation into the matter is still ongoing. However, apparently the attackers encrypted a small number of X-Cart’s servers, which was enough to grind the system to a halt. Of interest, the hackers did not demand a ransom, nor provide any way for Seller Labs to communicate with them, so the company restored their servers from recent backups.

Not all stores were impacted evenly. Some went offline completely, while others simply reported issues with sending email alerts. In any case, Seller Labs moved quickly to restore service and the outage lasted only a few days. Unfortunately, a few days is a very long time, and some of X-Cart’s customers are not happy, nor are they satisfied with the rather limited information the company has provided to this point. This prompted them to band together and serve Seller Labs with a Class Action lawsuit.

Everything seems to be back to normal at this point, but if your company was impacted, it pays to be aware of the pending lawsuit and consider how you might wish to proceed.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.