Security group alleges breach in bank's Web site | LinuxSecurity.com

Advisories

Discover Privacy News

Security group alleges breach in bank's Web site

Customer credit card numbers of Bank One Online are at risk of exposure to malicious hackers, an Internet security group charged Tuesday. The Web site of the fourth-largest U.S. bank lets customers in most cities check their accounts by entering a . . .
Customer credit card numbers of Bank One Online are at risk of exposure to malicious hackers, an Internet security group charged Tuesday. The Web site of the fourth-largest U.S. bank lets customers in most cities check their accounts by entering a bank card number and PIN, or personal identification code. By default, this card number is stored to a data file, or cookie, on the customer's local server and sent via encryption to Bank One's site at each account visit.

The stored data is meant to make subsequent visits more convenient for consumers who only need to enter a password thereafter. But debit card or bank card numbers contained in the cookie file could be vulnerable to security breaches, according to Interhack, a Columbus, Ohio-based Internet systems developer and security consultancy.

The link for this article located at News.com is no longer available.

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.