User Data Banking Tools were available to everyone by leak

Jan

1

2016

User information for more than 250,000 customers from online checkbook Banking Tools were for a long time accessible to malicious users. The leak in the database of the financial services was discovered by a security researcher.

Through Google, the researcher had discovered that there was a leak in Banking Tools, then the researcher leak reported at nu.nl. According to the site the leak caused the database with users of Banking Tools was available with names, addresses, email addresses, declined subscriptions of service, and what kind of contacts there had been with the helpdesk and IBAN account numbers.

According Inverse, the company behind Banking Tools, only in relation to data from the Banking Tools site. Other sites of Inverse, such as Cash Book, are not connected Banking Tools has Inverse-founder Bart den Hollander told nu.nl. Research Inverse showed that the server logs are gone, so it is impossible to determine since when there is unauthorized access to the server has been. The unnamed discovered the leak said they never have anything thrown away, which could indicate that more parties have had access to the server.

The researcher would also have indicated that there are more ways to break into systems Inverse, something denied by the company itself because no ‘traces that show that this is true. ” Inverse has contacted a security company to audit the systems.

Customers of Banking Tools his e-mail is informed of the problems. The email states that ‘friendly hackers have broken into the My Banking Tools server which does not make the goal has been sensitive information loot. The email warns that it is possible that others with less noble goals have searched the contents of the server. The e-mail states that notification is made to the Data Protection Authority and other authorities. The site has since the incident long time been offline. As of January 1, 2016 companies have an obligation to report data breaches to the Authority for Personal Data, the then former CBP. Depending on the case, also face fines, for example by not reporting a data breach within 72 hours.

Viewing:-139

In: Technology & Gadgets Asked By: [15229 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »