|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Dataloss] Citibank Korea e-payment hack
From: Dissent (Dissent
pogowasright.org)
Date: Thu Feb 15 2007 - 11:20:51 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://news.mk.co.kr/newsReadEnglish.php?sc=30800005&cm=General&year=2007&no=83542&selFlag=sc&relatedcode=&wonNo=&sID=308
Personal data on the Citibank e-payment system, used for e-commerce,
has been hacked, allowing illegal transactions on bank users' credit cards.
According to the banking industry, 20 credit cards issued by Citibank
of Korea have been illegally settled from Feb. 1 to 6, worth 50 million won.
Citibank Korea has requested an investigation from the National
Policy Agency's Cyber Terror Center after finding the company's
e-payment system was hacked to garner dates on the customers' credit
card information and passwords in order to make charges.
Hackers targeted under-300,000 won financial transactions of
companies with weak e-payment security.
That method was used, as below-300,000 won financial transactions can
be made by inserting basic personal information, such as credit card
numbers and passwords without official certificates.
"Unlike other banks, Citibank has omitted the process of inserting
the Card Validation Code (CVC) when executing e-payments, allowing
the culprits to take illegal actions," said an official from the
Financial Supervisory Service (FSS).
[...]
--
Main site: http://www.pogowasright.org
Main RSS feed: http://www.pogowasright.org/backend/pogowasright.rss
Breaches RSS feed: http://www.pogowasright.org/backend/breaches.rss
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tracking more than 148 million compromised records in 573 incidents over 7 years.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]