Online share trader CommSec vulnerable to hackers

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.news.com.au/story/0,23599,25396936-2,00.html

By Nick Higginbottom and Stephen McMahon
Herald Sun
April 28, 2009

SECURITY at the nation's biggest online trader has been exposed as wide 
open to attack by computer hackers.

Security flaws at CommSec potentially endangered accounts containing 
billions of dollars of mum-and-dad investors' money.

After a Herald Sun investigation, CommSec's 1.7 million customers have 
been strongly urged to change their passwords.

Had any hackers entered the system they would have been able to access the 
personal details of CommSec's customer accounts and trade in other 
people's share portfolios.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss