Virgin Net customer is security shock

[InfoSec News <isn () c4i org>]

http://www.net4nowt.com/isp_news/news_article.asp?News_ID=1001

By Peter Harris
25 June 2003
United Kingdom

A very shocked and horrified Virgin.net customer has notified Net4Nowt
of a potential security flaw in the companies online signup procedures
for the companies 24/7 Internet pacakage.

Virgin.net have recently allowed customers to set up direct debits to
pay for the 247 package via there website offering SSL encryption to
users who choose this method of payment.

However, a Net4Nowt reader has notified us they was shocked to receive
the next day an email from Virgin.net confirming the set up of the
direct debit together with full bank account details.

Virgin have been notified of the problem but no response has yet been
received.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.