2019/09/24 18:53:03

Click2Gov (payment system of state services)

2019: Leak of 20,000 payment card records

At the end of September 2019, about 20,000 payment card records from eight US cities appeared on the black market as a result of an attack on Click2Gov, a payment system for public and municipal services that is popular in the country.

Security experts at Gemini Advisory found that residents of Pocatello, Idaho, and of Oklahoma were affected by the cyberattack. The breach also affected cities in Florida, California and Iowa. Some cities were attacked repeatedly, meaning that the updated software remained vulnerable. The breach was detected only when experts found these sets of payment cards offered for sale on the darknet.

About 20,000 payment card records from eight US cities appeared on the black market

Having received reports of the breach, CentralSquare Technologies, the company behind the Click2Gov system, immediately carried out an extensive forensic analysis and contacted each client. However, this statement does not mean that the vulnerable software was updated and fixed. Gemini researchers believe that the attackers either discovered new vulnerabilities in the system or were able to retain access to the vulnerable systems after the initial attack.

Ben Goodman, vice president of global strategy and innovation at ForgeRock Inc., a company that works in identity and access, said that the new incidents prove that the state portal system remains vulnerable. He advises users to check their payment card statements regularly for any irregularities over the next several weeks. According to the expert, Click2Gov and similar self-service billing and payment applications should use a security strategy and tools that support persistent, contextual and continuous protection. In addition, they should detect unusual user behavior in time to apply additional identity verification, for example multifactor authentication.
