Information Security News mailing list archives
New York payments startup exposed millions of credit card numbers
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 23 Apr 2020 07:51:50 +0000 (UTC)
https://techcrunch.com/2020/04/22/paay-unencrypted-credit-card-data/ By Zack Whittaker TechCrunch April 22, 2020A massive database storing millions of credit card transactions has been secured after spending close to three weeks exposed publicly to the internet.
The database belongs to Paay, a card payments processor based in New York. Like other payment processors, the company verifies payments on behalf of selling merchants, like online stores and other businesses, to prevent fraudulent transactions.
But because there was no password on the server, anyone could access the data inside.
Security researcher Anurag Sen found the database. He told TechCrunch that he estimates there are about 2.5 million card transaction records in the database. After TechCrunch contacted the company on his behalf, the database was pulled offline.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- New York payments startup exposed millions of credit card numbers InfoSec News (Apr 23)