Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

New York payments startup exposed millions of credit card numbers

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 23 Apr 2020 07:51:50 +0000 (UTC)
https://techcrunch.com/2020/04/22/paay-unencrypted-credit-card-data/

By Zack Whittaker
TechCrunch
April 22, 2020
A massive database storing millions of credit card transactions has been secured after spending close to three weeks exposed publicly to the internet.
The database belongs to Paay, a card payments processor based in New York. Like other payment processors, the company verifies payments on behalf of selling merchants, like online stores and other businesses, to prevent fraudulent transactions.
But because there was no password on the server, anyone could access the data inside.
Security researcher Anurag Sen found the database. He told TechCrunch that he estimates there are about 2.5 million card transaction records in the database. After TechCrunch contacted the company on his behalf, the database was pulled offline. 

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: