Exclusive: Affiliates able to access databases of ALL Hello Markets brands and CRM data in massive security breach

Hello Group’s CRM data is publicly available and displays the entire databases of affiliates by just copy pasting a URL. We tested this extensively and raised it with Hello Group, which has now confirmed that it has resolved the issue completely

When providing white label solutions to brands, as is the case of a number of smaller retail FX brokerages that either do not have the resources or the business direction to invest in their own servers and infrastructure, as well as the entire OTC binary options business, the security of data is paramount.

Equally important is the security of client information, for a number of reasons, one in particular being the increasing number of hacking activity that has made it easy to obtain username and password information from trading accounts in order to gain access and make successful withdrawals, another being an internal issue in which in some cases, leads are obtained by former employees of binary options firms selling databases to their future employers, or establishing lead selling business in order to recycle the intellectual property of firms from which they have stolen it.

Security, therefore, is vital these days to protect against several potentially damaging factors.

Thus, it is vitally important that CRM data is encrypted and cannot be accessed from the outside, however according to research by FinanceFeeds, one particular firm has a vast security issue in that its CRM data is completely viewable in the public domain.

As a result, all affiliates can access the data of brokerages which are white label brands of this particular platform provider / market maker without any restriction whatsoever.

Hence, brands which use this platform risk having their own intellectual property displayed publicly, which in turn means that other brands could simply copy and paste it into their own databases.

The brand in question is Hello Markets in Cyprus.

FinanceFeeds has studied this in detail, and has performed several tests with regard to this, as well as drawing on the experience of several affiliates.

Both FinanceFeeds and the affiliates that we approached were able to replicate this several times, in a very simple copy/paste action relating to some of the source code from the Hello Markets platform which can be simply exported and pasted to a different part of the portal, exposing every CRM record in the system.

Upon testing this to a significant enough degree to realize that it is indeed an issue, FinanceFeeds raised the matter with Hello Group, the parent company of the Hello Markets platform.

Speaking today to Senior Marketing Manager Khaled Slim, who is also head of the company’s Cyprus office, FinanceFeeds provided a full set of data and stages by which the company itself was able to replicate this.

Mr. Slim explained to FinanceFeeds that this would be investigated immediately, and shortly afterwards explained “We are very grateful for this having been pointed out, and have now taken it to our developers who have rectified it without delay.”

“Hello Group is absolutely committed to ensuring complete data security, hence this matter has now been completely resolved and we assure all affiliates and customers that there is no longer any ability to access such data” he concluded.

On the company’s website, it states “Your Back Office is fully encrypted thanks to our Security Token. Safety is key, and the Hello Group team of experts knows that all too well. The new Token is a security device which is sure to upgrade the access safety of your website’s back office to unprecedented levels.”

It is vital to make absolutely certain that when taking a white label solution, despite the well recognized cost advantages over establishing an independent brokerage, the security of your own data is maintained, as that, after all is the intrinsic value of your business.


Read this next

Digital Assets

Silvergate dismisses speculation of trouble, says BlockFi exposure is minimal

Crypto-friendly bank Silvergate Capital claimed on a Tuesday blog post that it had minimal exposure to crypto lender BlockFi, which filed for chapter 11 bankruptcy protection this week.

Retail FX

Fidelity launches crypto trading for retail investors

Fidelity Investments, one of the largest brokerages in the world, has officially rolled out a commission-free crypto trading product for retail investors, starting with zero-fee trading for Bitcoin and Ethereum.

Digital Assets

ECB head calls for tougher crypto regulation after FTX collapse

President of the European Central Bank, Christine Lagarde, has called on lawmakers to start working on fresh crypto regulations to protect the financial system after the collapse of the FTX exchange.

Retail FX

CySEC updates rules for regulated brokers’ cross border activity

As CySEC’s attitude of adopting more stringent licensing guidelines and operating regulations becomes ever clearer, certain aspects of the rules and operations start to come into sharper focus.

Market News

Outlook for Gold: Can the Precious Metal Regain Power?

Gold set an all-time high at $2070 on March 08, 2022, when the price skyrocketed amid investors’ worries about the military conflict in Eastern Europe.

Crypto Insider

2022 Islamic Finance recap: as the space continues to evolve, blockchain stands to play a big part

Despite the global economy being ravaged by turmoil induced by the Covid-19 pandemic over the last couple of years, the Islamic finance industry has emerged relatively unscathed

Crypto Insider

Decentralized Exchanges and Pooled Trading Platform Applications

Decentralized exchanges are one-way blockchain companies take back the power of value creation.

Crypto Insider

How to maximize the safety of your digital tokens?

Digitalization is the future of the investment world. These are the most preferred and growing investments in the world.

Institutional FX, Interviews

FIA EXPO 2022: Interview with Trading Technologies

The derivatives trading industry has gathered in Chicago to attend the FIA EXPO 2022 on 14-15 November.