Forgot your password?
typodupeerror
Security HP

Point-of-Sale System Bought On eBay Yields Treasure Trove of Private Data 68

Posted by Soulskill
from the low-hanging-fruit dept.
jfruh writes: Point-of-sale systems aren't cheap, so it's not unusual for smaller merchants to buy used terminals second-hand. An HP security researcher bought one such unit on eBay to see what a used POS system will get you, and what he found was disturbing: default passwords, a security flaw, and names, addresses, and social security numbers of employees of the terminal's previous owner.
This discussion has been archived. No new comments can be posted.

Point-of-Sale System Bought On eBay Yields Treasure Trove of Private Data

Comments Filter:
  • by Selur (2745445) on Friday July 18, 2014 @01:09PM (#47484511)

    I bet 90% of all small businesses still have no real clue data security and about the amount of data their printers, cash registers,.. still contain.

  • by Jiro (131519) on Friday July 18, 2014 @02:29PM (#47485041)

    By that reasoning if the restaurant supply reclamation company instead found equipment contaminated with bacteria, and sold the equipment, and people got sick and died from it, they likewise wouldn't have any responsibility. Equipment that poses a threat to people because it spreads private data is not really all that different from equipment that poses a threat because it spreads disease.

    (Which is not to say that it's legally the same, of course.)

"Everything should be made as simple as possible, but not simpler." -- Albert Einstein

Working...