Moscow-based order delivery service PickPoint was breached by unknown hackers late last week. During attack, the hackers opened the cabinets containing the packages, so that the items stored in them are accessible to anyone.
PickPoint is a service that allows Russians to order products online courses and choose to be delivered to a PickPoint cabinet instead of their home address. Once the package arrives, users receive notice via e-mail or mobile and can pick up their orders using application PickPoint. However, the same system which allows users to open cabinets and receive their packages, is what was attacked on Friday.
Using an exploit that has not yet been identified, unknown hackers opened the door to a third of PickPoint's coffers, leaving thousands of packages exposed to theft all over Moscow. The reason for the attack has not yet been revealed, however in press releases issued over the weekend, PickPoint said it had informed authorities of the incident.
PickPoint noted that the security incident was the result of an attack on mobile providers. In addition, according to the company, a total of 2.732 postamat were damaged, but the rest of its network continued to operate normally.
After discovering the attack, the company began conducting research, in collaboration with both internal and external experts. On Saturday, the company's general manager, Nadezhda Romanova, told the channel's reporters Russia-24 that parcels were stolen from some terminals. In addition, the Russian company stated that it is currently working on the restoration of its network.
According to publications notified to SOCIAL MEDIA, guards and owners quickly returned on Friday and reduced it access in obviously malfunctioning cabinets. It is worth noting that the company pointed out in a relevant press release that it seems to be "the first targeted cyber attack in the world at the heart of which was a post-gateway network.