The weak security of 7-Eleven applications in Japan resulted in a loss of $ 500,000



[ad_1]

The application has been disrupted from the start, customers complaining of illegal transactions made via their accounts since the first day. according to ZDNet, the poorly designed pbadword recovery method of the application was to blame. Instead of automatically sending an email to the address registered by users, the application allowed them to recover their pbadwords using any email address.

In other words, the high-tech thieves did not even have to make the extra effort of infiltrating the users' inboxes: they simply had to search for people's email addresses, their birth dates and phone numbers. And we all know how easy it is to consult them, almost everyone with an account on social networks. The fact that the app uses January 1, 2019 as the default birthday for all those who have registered without specifying their own number has also made things a lot easier for bad players. All they had to do after getting access to an account, was to generate a barcode with the application whenever they were paying in a point of sale 7-Eleven.

The company promises to compensate all the victims of the crime. Japanese authorities have arrested a couple of Chinese who have tried to pay for purchases amounting to thousands of dollars using stolen IDs against payment. They now believe that an international group, which includes a hacker, could be involved. Although the survey is still under investigation, the country 's Ministry of Economy, Trade and Industry has determined that the company does not have an investigation. had not followed the guidelines to prevent unauthorized access. The agency urges the company to strengthen its security measures if it wishes to revive 7pay in the future.

[ad_2]
Source link