Barclays in second security gaff this week

[InfoSec News <isn () C4I ORG>]

http://www.zdnet.co.uk/news/2000/30/ns-17040.html

By Will Knight
Wed, 02 Aug 2000 10:08:52 GMT

Forty-eight hours is a long time for a bank that consistently
compromises its customers' security

Troubled online bank Barclays admitted to another security blunder
Wednesday that again led to Internet accounts being compromised.

The "clerical error" was uncovered Tuesday, just days after a
technical fault (http://www.zdnet.co.uk/news/2000/30/ns-17002.html)
with the bank's overhauled online service compromised the security of
numerous customer accounts.

This second security glitch arose after two Barclays customers were
accidentally allotted the same account within the bank's online system
and were able to view each other's information online.

Barclays rectified the problem after one of these individuals reported
being able to see the details.

A Barclays spokeswoman says that the problem is an isolated incident
entirely unrelated to Monday's technical difficulties.

"It was a clerical error," she maintains. "Clerical errors happen all
the time and Barclays has 13 million customers. We regret this and
immediately amended the records."

Barclays says that transactions could not have been carried out.

The error could not have come at a more inconvenient moment, however,
as the spokeswoman acknowledges. She says that without Monday's
security breach it would have probably gained little attention.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".