[ISN] Virgin Net customer is security shock

From: InfoSec News (isnat_private)
Date: Wed Jun 25 2003 - 00:40:16 PDT

  • Next message: InfoSec News: "[ISN] Pope moves against hackers"

    http://www.net4nowt.com/isp_news/news_article.asp?News_ID=1001
    
    By Peter Harris
    25 June 2003
    United Kingdom
    
    A very shocked and horrified Virgin.net customer has notified Net4Nowt
    of a potential security flaw in the companies online signup procedures
    for the companies 24/7 Internet pacakage.
    
    Virgin.net have recently allowed customers to set up direct debits to
    pay for the 247 package via there website offering SSL encryption to
    users who choose this method of payment.
    
    However, a Net4Nowt reader has notified us they was shocked to receive
    the next day an email from Virgin.net confirming the set up of the
    direct debit together with full bank account details.
    
    Virgin have been notified of the problem but no response has yet been
    received.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Jun 25 2003 - 02:55:57 PDT