http://news.techworld.com/security/3531445/aloha-point-of-sale-terminal-sold-on-ebay-yields-security-surprises/
By Jeremy Kirk
Techworld.com
18 July 2014
Matt Oh, a senior malware researcher with HP, recently bought a single
Aloha point-of-sale terminal -- a brand of computerized cash register
widely used in the hospitality industry -- on eBay for US$200.
Oh found an eye-opening mix of default passwords, at least one security
flaw and a leftover database containing the names, addresses, Social
Security numbers and phone numbers of employees who had access to the
system.
His findings have received a fair amount of attention due to the role of
such systems in high-profile data breaches at retailers including Target,
Neiman Marcus and Michaels.
"What we found was that the overall state of security of the system was
very poor," he wrote in a blog post describing his analysis.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
