Information Security News mailing list archives
True story behind Joburg’s online security problems
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 23 Aug 2013 08:06:01 +0000 (UTC)
http://mybroadband.co.za/news/security/84993-true-story-behind-joburgs-online-security-problems.html By Rudolph Muller MyBroadband.co.za August 22, 2013On Tuesday (20 August 2013) BidorBuy CTO Gerd Naschenweng reported a security problem with the City of Joburg’s online billing system. The events before and after his report of the problem raises concerns about the city’s online security and the municipal processes.
A timeline of events shows when the security vulnerability was discovered, what Naschenweng tried to do when he discovered the problem, and what happened in the aftermath of the media reports.
11:00 on Tuesday 20 August 2013Naschenweng discovered the COJ billing system problem which exposes Joburg residents’ invoices containing private information, including names, addresses, account numbers, PIN codes, and financial details.
Shortly after 11:00 on Tuesday 20 August 2013Naschenweng phoned the COJ call-centre, but he was told that he could not be connected to IT or anyone who is responsible for the website.
[...]
-- Find the best InfoSec talent without breaking your recruiting budget! Post a Job, $99 for 31 days. Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Current thread:
- True story behind Joburg’s online security problems InfoSec News (Aug 23)