Big security glitch Target.com, Amazon and others haven't fixed - Dallas News | myFOXdfw.com

The big security glitch Target.com, Amazon and others haven't fixed

Posted: Updated:

Some major retail websites have a security glitch that could put customers' personal information in the wrong hands -- and one of those sites is Target.com.

Target Corp. is certainly familiar with security issues. Over the busy Black Friday holiday shopping season, the personal information of an estimated 110 million customers was compromised. Now, a local security expert says a "misconfiguration of encryption software" could allow hackers to use stolen information to go on shopping sprees online and leave unsuspecting customers with the tab.

Since the massive data breach at Target last year, the company has tried to reassure customers that their credit card and personal information is safe and secure -- but Mark Lanterman, CEO of Computer Forensic Services, says there's one gaping flaw the bulls eye brand hasn't zeroed in on yet.

"Nobody's perfect, and I'm sure they've done an end-to-end security audit, but they missed this," he said.

In January, Lanterman explained how hackers could steal customers' user names and passwords from some of the biggest retail sites -- including Target.com -- with under $100 in equipment.

All the hackers have to do is set up a Wi-Fi network that prevents encryption under a familiar name in a public space -- like a coffee shop. Then, when people sign in, the hacker can see their private information in the lines of code.

Yet, three months later, Target remains one of several major companies that still hasn't fixed the glitch.

"My understanding is: Target is aware of this and their perspective is, 'This is a problem with the Internet,' it has nothing to do with their webpage and there's nothing they could do to fix it anyway," Lanterman said.

The only problem is that's not true. So far, TCF Bank, PayPal and even MNsure have closed that same flaw -- sometimes in less than a day.

Furthermore, Lanterman said that even though Target claims its website is secure, it's clearly not.

"I would control your mailing address," he explained. "I would have access to your credit card information, and I could charge things on your account -- and I shouldn’t be able to do that."

Target isn't alone. Lanterman says companies like Apple, eBay and Amazon.com have the same problem -- but none of them have already had a massive security breach that caused customer confidence to take a big hit.

"You can't just put your head in the sand and hope this goes away," Lanterman said. "Just fix it."

Lanterman said customers can protect themselves by bringing their own Internet on the go via a hotspot.

Widgets Magazine
Powered by WorldNow

KDFW FOX 4
400 N. Griffin Street
Dallas, Texas 75202

Main Station Directory:
(214) 720-4444
News Fax:
(214) 720-3263 or (214) 720-3333

Didn't find what you were looking for?
All content © Copyright 2000 - 2014 Fox Television Stations, Inc. and Worldnow. All Rights Reserved.
Privacy Policy | Terms of Service | Ad Choices