https://techcrunch.com/2020/04/22/paay-unencrypted-credit-card-data/
By Zack Whittaker
TechCrunch
April 22, 2020
A massive database storing millions of credit card transactions has been
secured after spending close to three weeks exposed publicly to the internet.
The database belongs to Paay, a card payments processor based in New York. Like
other payment processors, the company verifies payments on behalf of selling
merchants, like online stores and other businesses, to prevent fraudulent
transactions.
But because there was no password on the server, anyone could access the data
inside.
Security researcher Anurag Sen found the database. He told TechCrunch that he
estimates there are about 2.5 million card transaction records in the database.
After TechCrunch contacted the company on his behalf, the database was pulled
offline.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
