Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security Privacy Technology

Mexican Tax Refund Site Left 400GB of Sensitive Customer Info Wide Open (theregister.co.uk) 18

Posted by msmash from the security-woes dept.
Mexican VAT refund site MoneyBack exposed sensitive customer information online as a result of a misconfigured database. From a report: A CouchDB database featuring half a million customers' passport details, credit card numbers, travel tickets and more was left publicly accessible, security firm Kromtech reports. More than 400GB of sensitive information could be either downloaded or viewed because of a lack of access controls before the system was recently secured.
This discussion has been archived. No new comments can be posted.

Mexican Tax Refund Site Left 400GB of Sensitive Customer Info Wide Open More

Mexican Tax Refund Site Left 400GB of Sensitive Customer Info Wide Open

Comments Filter:

  • Pay for the Wall (Score:3)

    by sls1j ( 580823 ) on Friday September 08, 2017 @02:25PM (#55160681) Homepage
    I guess Mexico will be paying for the wall after all.

    • Re: (Score:3)

      by halivar ( 535827 )

      You mean a FIREwall... am I right? Am I right? You get it? Just wondering: did we get rid of downvotes? I sure hope so.

  • This is why we need a wall. (Score:1)

    by Anonymous Coward
    Dirty Mexican companies like MoneyBack just leave their customer data exposed to everyone, so anyone can download it! Good wholesome American companies like Equifax would never do something that dumb.

  • Question: (Score:3, Funny)

    by lq_x_pl ( 822011 ) on Friday September 08, 2017 @02:27PM (#55160691)
    When did equifax open up its Mexico office?

  • Comment removed (Score:3)

    by account_deleted ( 4530225 ) on Friday September 08, 2017 @02:34PM (#55160737)
    Comment removed based on user account deletion

  • I'm honestly frustrated... (Score:3)

    by Chris Katko ( 2923353 ) on Friday September 08, 2017 @03:08PM (#55160907)

    ...I have no idea what to do. Almost every two weeks there's another major breach--that we KNOW of.

    We basically have two choices. Use NOTHING in the modern world--not just websites but anything. Cellphones were hacked. CREDIT TRACKING companies were hacked. Everything. Or, basically just accept you're entire life is online even if you never post anything.

    The third option would be, if we lived in a rational world with a non-inept government, would be to PIN THEIR ASSES TO THE WALL (the companies) until SECURITY becomes such a financial liability that full-time qualified security engineers (with regular 3rd party pentesting) are a business requirement for every medium to large size company. Make that shit LEGAL and the companies will follow.

    But who am I kidding? Congress is a bunch of fucking retards. And the DOJ hasn't been pinning companies asses to the wall since Eric Holder got into Office. And I'm NO Bush fan! But remember when Enron management... WENT TO JAIL? Statistically (google it) prosecution of white collar crimes have dropped >20% AND this is at a time when we had the one of the largest financial collapses in our countries history and NO ONE GOES TO JAIL!? No laws change?! Nothing?!

  • ...does "Mexican tax refund" sound like a euphemism for something not at all related to taxes?

Slashdot Top Deals

Term, holidays, term, holidays, till we leave school, and then work, work, work till we die. -- C.S. Lewis

Close