"Problems that emerged with the new online banking system of Sampo Bank on Tuesday were not limited to breaks in service and incorrect or missing information on money transfers and bank balances.
The glitches, that continued on Wednesday, were prompted by changes enacted at Sampo aimed at integrating its operations with the Danish Danske Bank, which bought Sampo last year. One customer in the Uusimaa region noticed on Wednesday that his monthly housing loan payment had been deducted from his account twice." And later: " A security breach was found in the Sampo online banking service on Wednesday, which might have made Sampo customers vulnerable to e-mail phishing scams. After the matter had been reported in the media, Sampo said that it had fixed the breach. Mikko Hyppönen, head of research at the online security company F-Secure, called the mistake "primitive"." --clip-- More at http://www.hs.fi/english/article/Sampo+Bank+online+problems+continue/1135235099406 Screenshot: Sampo Online Bank XSS security hole exploited http://flickr.com/photos/roxeteer/2363227173/ Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
