UK-based Pakistani Researcher Kamran Mohsin saved 713,000 American taxpayers from a potential exploiting threat of their personal information including banking details, addresses, and income statements. What happened was that Florida’s Department of Revenue website had a flaw that exposed hundreds of filers’ bank accounts and Social Security numbers.
People with some cyber security knowledge could log in to the state business tax registration website and could see, modify and even delete personal data just by modifying the web address pointing to a taxpayer’s application number — you just needed to change the digits in the link.
Bethany Webster, Florida’s Department of Revenue representative said that the government fixed the bug and the potential threat within a few days of the report and that two unnamed firms have deemed the site secure. She added there was “no sign” attackers abused the flaw, but didn’t say how officials might have spotted any misuse.
“The vulnerability allowed the external individual to view registration data submitted by taxpayers, including 417 registrations that contained confidential information. Within a two-day timeframe, the Department attempted to contact each affected business by phone and contacted all affected taxpayers by phone or in writing within four days. The Department has also offered one year of complimentary credit monitoring to each affected taxpayer.”
The actual problem that the Department’s site had is known as an insecure...
Read Full Story: https://news.google.com/__i/rss/rd/articles/CBMingFodHRwczovL3d3dy50ZWNoanVpY2UucGsvdWstYmFzZWQtcGFraXN0YW5pLXNlY3VyaXR5LWV4cGVydC1leHBvc2VkLWEtdXMtdGF4LXdlYnNpdGUtYnVnLXNhdmVkLXBlcnNvbmFsLWluZm9ybWF0aW9uLW9mLTcxMzAwMC10YXhwYXllcnMtZnJvbS1wb3RlbnRpYWwtYnJlYWNoL9IBAA?oc=5
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.
