Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Security HP

Point-of-Sale System Bought On eBay Yields Treasure Trove of Private Data 68

Posted by Soulskill
from the low-hanging-fruit dept.
jfruh writes: Point-of-sale systems aren't cheap, so it's not unusual for smaller merchants to buy used terminals second-hand. An HP security researcher bought one such unit on eBay to see what a used POS system will get you, and what he found was disturbing: default passwords, a security flaw, and names, addresses, and social security numbers of employees of the terminal's previous owner.
This discussion has been archived. No new comments can be posted.

Point-of-Sale System Bought On eBay Yields Treasure Trove of Private Data

Comments Filter:
  • by jehan60188 (2535020) on Friday July 18, 2014 @01:15PM (#47484561)

    These are restaurant/retail workers. Society has already s*** all over them, so they shouldn't be surprised this happens to them.

    Serious note: Small businesses (such as Target, or New York City) aren't good at data security.

  • by Anonymous Coward on Friday July 18, 2014 @01:21PM (#47484623)

    When someone goes out of business and liquidates (is forced to liquidate) their capital assets, they're not going to give a crap about what data might be left on these devices.

  • by sjbe (173966) on Friday July 18, 2014 @01:37PM (#47484749)

    I bet 90% of all small businesses still have no real clue data security and about the amount of data their printers, cash registers,.. still contain.

    As someone who has spent many years consulting to small businesses I can tell you that you are being too conservative. 99% is probably closer to the mark. Nearly all small business owners are clueless regarding data security and frankly don't really have the time to worry about it either. Running a small business is a hugely time consuming endeavor and dealing the the nuances of data security is a luxury most do not have time for. Shoot, you'd be terrified at how many of them don't even bother to back up key data like their accounting software.

    I run a small business myself and while I'm more aware than most about our security I don't really have time to deal with all of it. At some point you sometimes simply have to live with a certain level of risk until you have the resources to address things properly.

If this is timesharing, give me my share right now.