Published on April 5th, 2014 📆 | 2636 Views ⚑0
Credit Cards for 1.2 Million Drivers Vulnerable at TxTag.org
Security researcher, David Longenecker claimed a serious flaw at TxTag website that exposes the active Credit Card Details and Personal Information of 1.2 Million Drivers including active TxTags (vehicle stickers with microchips, which are scanned by electronic readers on toll roads), Names, phone numbers, full residence addresses, email addresses, along with their complete Credit card numbers and Expiration date.
But their stupidity didn’t end here, to make the case worst for their users; TxTag.org inexplicably stores the entire credit card details including Credit Card Numbers and expiration date, which meant to be partial visible to users, but available in the plaintext as the value of input field on the page source code.
"I have no indication credit cards have actually been stolen. I merely found and reported a flaw that could very easily be exploited to obtain this information." he said.
The Flaw has been reported by the researcher, but neither TxTag nor TxDOT have so far responded to any of his request for comment.
"The problem lies in the AutoPay Method screen. If you do not have a credit card or bank account stored for automatic payments, then financial data cannot be stolen through this manner." david said.
We should understand that no one is safe when bad hackers are out to do some damage. You are always advised to don't be lazy with your passwords, set tough-to-guess and long passwords and don't store information online that you don’t absolutely need to. Stay Tuned, Stay Safe.