TechSpot

Citigroup breached simply by changing a portion of the URL

By Jos
Jun 16, 2011
Post New Reply
  1. Thousands of Citigroup's credit card customers saw their account information compromised last week, and all it took was a browser and changing a few numbers in the URL string after…

    Read the whole story
     
  2. gwailo247

    gwailo247 TechSpot Chancellor Posts: 2,011   +18

    Seriously? A credit card company? They haven't updated their security since 1996?
     
  3. example1013

    example1013 TS Enthusiast Posts: 265

    So basically Citigroup got hacked by exploiting a vulnerability a chimp could take advantage of. I think we've crowned a new champ in the "most easily compromised info" contest so far for this year. Sony may have had passwords and such compromised by an SQL injection, but whoever hacked Citigroup was able to get credit card info by just typing random numbers. The hardest part of that hack would be opening up a bank account, but all that takes is $25.
     
  4. stewi0001

    stewi0001 TS Evangelist Posts: 1,181   +528

    Epic Fail
     
  5. Kibaruk

    Kibaruk TechSpot Paladin Posts: 2,506   +498

    It seems after Sony's hack fiasco a lot of people have noticed how poorly secured big companies really are and taking as much as they can.
     
  6. Kralnor

    Kralnor TS Rookie Posts: 36

    Pretty much. That exploit is so simple that anyone could do it.
     
  7. I guess I know where may anual fees...did go to..
    Paying for a compentent developer.
     
  8. matrix86

    matrix86 TS Guru Posts: 812   +26

    Wow...that's pretty sad. Wonder who was responsible for this one. LulzSec struck again yesterday, taking down cia.gov (now THAT takes some serious guts) with a DDoS attack.
     
  9. amybg

    amybg TS Rookie

    People go on about how everyday users should have strong internet security, but in this case it looks like Citigroup should have taken that suggestion a little more personally. Serious failure.
     
  10. aj_the_kidd

    aj_the_kidd TS Rookie Posts: 555

    Such a simple hack, there's really is not excuse
     
  11. captaincranky

    captaincranky TechSpot Addict Posts: 11,691   +1,879

    I keep shredding the credit card applications Citigroup sends me. Now I know why.
     
  12. taimuraly

    taimuraly TS Booster Posts: 113

    CitiGroup more like ShitiGroup. By the way don't secure sites have badges on top and bottom telling the users that the site is legit or can they too be hoaxed?
     
  13. jonelsorel

    jonelsorel TS Rookie Posts: 72

    Interesting.. I wonder what will happen when, after a few more big bank security breaches such as this one, people start getting the feeling that their money really isn't that safe in a bank..
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...