Exclusive: Affiliates able to access databases of ALL Hello Markets brands and CRM data in massive security breach

Hello Group’s CRM data is publicly available and displays the entire databases of affiliates by just copy pasting a URL. We tested this extensively and raised it with Hello Group, which has now confirmed that it has resolved the issue completely

When providing white label solutions to brands, as is the case of a number of smaller retail FX brokerages that either do not have the resources or the business direction to invest in their own servers and infrastructure, as well as the entire OTC binary options business, the security of data is paramount.

Equally important is the security of client information, for a number of reasons, one in particular being the increasing number of hacking activity that has made it easy to obtain username and password information from trading accounts in order to gain access and make successful withdrawals, another being an internal issue in which in some cases, leads are obtained by former employees of binary options firms selling databases to their future employers, or establishing lead selling business in order to recycle the intellectual property of firms from which they have stolen it.

Security, therefore, is vital these days to protect against several potentially damaging factors.

Thus, it is vitally important that CRM data is encrypted and cannot be accessed from the outside, however according to research by FinanceFeeds, one particular firm has a vast security issue in that its CRM data is completely viewable in the public domain.

As a result, all affiliates can access the data of brokerages which are white label brands of this particular platform provider / market maker without any restriction whatsoever.

Hence, brands which use this platform risk having their own intellectual property displayed publicly, which in turn means that other brands could simply copy and paste it into their own databases.

The brand in question is Hello Markets in Cyprus.

FinanceFeeds has studied this in detail, and has performed several tests with regard to this, as well as drawing on the experience of several affiliates.

Both FinanceFeeds and the affiliates that we approached were able to replicate this several times, in a very simple copy/paste action relating to some of the source code from the Hello Markets platform which can be simply exported and pasted to a different part of the portal, exposing every CRM record in the system.

Upon testing this to a significant enough degree to realize that it is indeed an issue, FinanceFeeds raised the matter with Hello Group, the parent company of the Hello Markets platform.

Speaking today to Senior Marketing Manager Khaled Slim, who is also head of the company’s Cyprus office, FinanceFeeds provided a full set of data and stages by which the company itself was able to replicate this.

Mr. Slim explained to FinanceFeeds that this would be investigated immediately, and shortly afterwards explained “We are very grateful for this having been pointed out, and have now taken it to our developers who have rectified it without delay.”

“Hello Group is absolutely committed to ensuring complete data security, hence this matter has now been completely resolved and we assure all affiliates and customers that there is no longer any ability to access such data” he concluded.

On the company’s website, it states “Your Back Office is fully encrypted thanks to our Security Token. Safety is key, and the Hello Group team of experts knows that all too well. The new Token is a security device which is sure to upgrade the access safety of your website’s back office to unprecedented levels.”

It is vital to make absolutely certain that when taking a white label solution, despite the well recognized cost advantages over establishing an independent brokerage, the security of your own data is maintained, as that, after all is the intrinsic value of your business.


Read this next

Retail FX

Weekly Roundup: Funded Trader closure, Coinbase adds Apple Pay

Welcome to this week’s roundup, where we delve into the latest developments in the Forex, Fintech, and cryptocurrency markets. Stay ahead of the curve with our comprehensive overview of the week’s most impactful events and trends across these dynamic sectors.


Presale Rush: BlockDAG Outshines Furrever Token and DeeStream Presales with 20,000x ROI Potential, Raising Over $16.4M

Discover April 2024’s presale hits, as BlockDAG, Furrever Token, and DeeStream Presales battle it out. Which will explode in 2024?

Digital Assets

Shakeeb Ahmed gets three-year sentence for hacking Nirvana, Crema

A New York court has sentenced computer security engineer Shakeeb Ahmed to three years in prison for conducting flash loan attacks on decentralized cryptocurrency exchanges in 2022, marking the first-ever conviction for a breach involving smart contracts.

Digital Assets

TON Foundation teams up with HashKey on fiat access for Telegram Wallet

The TON Foundation, a collective of developers behind The Open Network (TON) blockchain, has entered into a strategic partnership with digital asset financial services firm HashKey Group.


BlockDAG aka Kaspa’s Toughest Competitor Releases DAGpaper, Lightes Up The Las Vegas Sphere Pulling Shiba Inu Investors & Amassing $16.4M in Presale

BlockDAG, emerging as a Kaspa competitor, unveils its DAGpaper, spotlighting the Las Vegas Sphere and captivating Shiba Inu investors with a $16.4M presale success.

Fundamental Analysis

Global FX Market Summary: USD, ECB, Gold, Oil  April 12 ,2024

A strong US economy, cautious Fed policy compared to Europe, and safe-haven demand are all fueling the surge of the US Dollar.

Digital Assets

Thai crypto exchange Bitkub eyes $3 billion valuation

Thailand’s largest cryptocurrency exchange Bitkub is gearing up for a public offering next year with a potential valuation of up to $3 billion, according to Bitkub Capital Group CEO Jirayut Srupsrisopa.

Technical Analysis

GBPUSD Technical Analysis Report 12 April, 2024

GBPUSD currency pair can be expected to all further toward the next support level 1.2400, target price for the completion of the active minor impulse wave.

Market News

Navigating Currency Trends: Extensive Analysis on EUR/USD Signal

Traders Union provides comprehensive daily analysis and signals for EUR/USD.