A security breach at one of the world’s largest credit card processors has exposed a security key for millions of customers.
Security experts are warning that customers are using their credit card numbers to access their personal financial information.
The credit card companies use a “passcode” to unlock cards, but the information stored in those cards is usually encrypted, so if hackers gain access to that data, they could easily gain access as well, said Matthew C. Johnson, chief security officer at security firm CrowdStrike.
“You have to have a password,” he said.
“That’s the whole point.”
For those of you that think your card is secure, I hope this is something you do not have to worry about.
It is NOT, and you will be able to access your personal financial info.
The information in your account is encrypted.
It’s very important.
The company that sells your credit card is one of three large US credit card issuers that use a unique passcode to unlock credit cards.
But it’s not the only one.
Many of the large card issuer’s customers use the same code to access the information.
A new vulnerability has been discovered by security researchers at CrowdStrike that could allow attackers to access millions of customer accounts, including the credit card data stored in customers’ phones and computers.
The researchers say it is likely to be a “major security issue” because it allows attackers to read and decrypt the encryption keys on a large scale.
“It’s a very big issue because it’s the largest security vulnerability in the world,” said Jeremy D. Anderson, director of the CrowdStrike Security Lab.
“We have seen a lot of things happen in the past that were potentially dangerous, and this is one that we think is potentially more dangerous,” Anderson told Newsweek.
In recent months, several credit card card companies have had issues with a “backdoor” security feature that allows attackers who have access to an account to remotely log into the cardholder’s account.
The vulnerability was first disclosed in January.
But now, it has been publicly known for weeks.
The researchers say they have found at least five known attacks on the same card data.
“In our experience, this attack is the most sophisticated, most difficult, and probably the most important,” said Anderson.
The attacks include two separate versions of the same attack that target a different card: one that can read the card’s cardholder ID and a second that can log into and use the card.
CrowdStrike says it has discovered at least three attacks on a single card and one attack on an account belonging to the same customer.
The attackers have used a unique password to access sensitive card data on hundreds of millions of cards.
And it’s possible the attackers are using the same password to log into other cards and get access to the cards of thousands of customers, the researchers say.
In addition to the breach at Wells Fargo, the credit cards used by more than 100 million customers have also been compromised.
The breaches are also affecting other major banks.
Last month, the Federal Trade Commission reported that the credit companies of AT&T, Sprint and Verizon have been hit with nearly half a billion fraudulent charges.
The fraud is likely related to a flaw in the credit reporting software used by the companies.