As a software engineer I would feel rather guilty to develop a system that was that poor. I used to have a Citi credit card..... I had better check it is no long active.
-----Original Message----- From: Ben Scott [mailto:[email protected]] Sent: 15 June 2011 04:36 To: NT System Admin Issues Subject: [OT] Citibank worse at security than Sony So... 200,000 or so Citigroup customers have had their person info stolen. Someone logged in to one account properly, then changed the account number in the URL to someone else, and the site happily served up that account instead. I hesitate to even call the first party an "attacker". Is it really an attack if the bank just leaves a pile of money sitting on the sidewalk and someone takes it? http://www.dailymail.co.uk/news/article-2003393/How-Citigroup-hackers-broke-door-using-banks-website.html Some banker fat cats need to go to jail for this. This is incompetence of the highest order. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. QinetiQ may monitor email traffic data and also the content of email for the purposes of security. QinetiQ Limited (Registered in England & Wales: Company Number: 3796233) Registered office: Cody Technology Park, Ively Road, Farnborough, Hampshire, GU14 0LX http://www.qinetiq.com. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
