In October 2015 Magento released a patch called 'SUPEE-6788' to addresses vulnerability in the zend framework.

HSC (UK) Ltd take data security seriously.  If customers feel vulnerable and have no confidence their data is safe, they won't make an online purchase.  They wont sign up for an account.  They wont TRUST you.

We chose MAGENTO because it is not only one of the worlds most used and best e-commerce solutons, but also because of it's history of maintaining data integrity and it's good level of 'built-in' security measures.

We have added additional security, such as vetting account registrations and using CAPCHA on forms and we host our Magento owith award winning hosting provider, UKFast.  We also make sure that ALL our server software is kept up to date with new patches and fixes whenever they are released.

During this year, MAGENTO, Inc's developers discovered a vulnarability with the core system and in due course, issued a patch designated 'SUPEE-6788'.  Of course, we patched our system in good faith to ensure high levels of security, but as with any computer based code, updates can be frought with issues.

Although MAGENTO, Inc patched the main and most important issue, (preventing hackers from accessing payment information, although we don't actualy take payment through our websites as all accounts are credit accounts!), implementing the patch introduced a number of problems, including causing the online registration and password reset functions from working.

To further enhance the core system of Magento and to offer better features, customisation and functions we implement extensions from a number of developers.  The 'SUPEE-6788' patch unfortunately resulted in 'breaking' the code of some of the extensions we use and we are still awaiting an update or fix from some of those developers.

The core of the system and therefore the website in general is as secure as it could be and still functions well.  Customers can log in, search for products and place orders without any problem.

We are implementing patches and fixes for other problems introduced, as they become available.  Please accept our apologies if there is any inconvenience to you during this process.  We can help you by calling 0845 309 0707 and speaking to aour sales teams.

To alleviate this sort of thing in the future, we are iplementing both a system deployment programme and moving to a test and deployment version of our site.

We thank you for your business and thank you for your patience.

Jason Roper
Head Developer
Tooldomains