Check24, one of Germany’s prominent comparison portals, is under scrutiny following a significant data breach that exposed sensitive personal information. The breach affected millions of customers as details such as names, addresses, incomes, and employment statuses were left vulnerable due to security flaws within the credit intermediation process. The issues reportedly occurred several months ago, leaving customers’ private data easily accessible with just a few simple steps. The leak has raised serious concerns over the safety and reliability of the platform, prompting calls for transparency from the company.
In response to these revelations, Check24 confirmed the vulnerabilities to CORRECTIV and acknowledged the incident internally. The company stated that their security team reviewed the issue thoroughly, and by July 30, 2024, they had closed the primary “gateway” responsible for the leak. Despite this, Check24 has not provided individual responses to questions about the breach, opting instead to send a brief internal protocol to its management, which referenced the swift actions taken to address the security flaws.
The company took immediate action after the breach was identified, with the largest vulnerability being addressed the same day. Further security errors were also corrected over the following days to prevent further exposure. However, Check24’s lack of detailed communication about the incident has left some questions unanswered, particularly regarding the full extent of the data compromised and the potential risks to affected individuals. As a result, the breach has raised broader concerns about the transparency and accountability of companies handling sensitive personal data.
As of now, Check24 has not provided specific information on whether any customers have been harmed as a result of the breach. The company has emphasized that it took prompt action to rectify the problem, but questions remain about how the vulnerabilities were initially overlooked and what steps are being taken to prevent similar incidents in the future. The case highlights the ongoing challenges facing companies in the financial technology sector when it comes to safeguarding user data.
Reference:
