phishing · Germany · Heise Security

Baden-Württemberg State Ministry Shop Breached via Critical Vulnerability

Friday, January 2, 2026

What

Attackers exploited a critical, unknown vulnerability in the "THE LÄND" online shop system, compromising customer data and manipulating payment pages to steal credit card information and overcharge customers. This incident highlights the severe impact of unpatched vulnerabilities on government-affiliated online services and user trust.

Where

The online shop of the Baden-Württemberg State Ministry ("THE LÄND" Fänshop) in Germany. The underlying shop system, likely Gambio, affects an estimated 25,000 shops globally.

When

The attack occurred between December 27 and 29, 2025. The vulnerability patch was released on December 30, 2025.

Key Factors

  • Attackers leveraged a previously unknown critical vulnerability in the shop system, likely Gambio, to gain unauthorized access and manipulate the online store.
  • The breach involved the exfiltration of customer data, including names and email addresses, and the setup of a fraudulent payment gateway to steal credit card details and overcharge victims.
  • The incident affected a low double-digit number of individuals who experienced unauthorized credit card charges, with actual debited amounts significantly exceeding displayed prices.

Takeaways

  • Customers who used the "THE LÄND" shop between December 27 and 29, 2025, should immediately review bank and credit card statements for suspicious activity and report any anomalies.
  • Organizations operating e-commerce platforms, especially those using Gambio, must urgently apply all security updates to mitigate critical vulnerabilities and implement robust payment gateway security measures.