A popular web payment portal for local U.S. governments has now been breached
Another day, another breach.
Security firm FireEye has announced that a popular web payment portal for local U.S. governments has been targeted by hackers. The vulnerability on Click2Gov servers was caused by malware that was uploaded through credit card data, according to TechCrunch.
According to FireEye’s incident response arm, Mandiant, the hacker used server vulnerability to upload a so-called FIREALARM tool to sift through server log data for credit card data. At the same time, another piece of malware called SPOTLIGHT was used to intercept credit card data from unencrypted network traffic. Once collected, the data was encoded and taken by the hacker.
Credit card data was the target
Nick Richard, a principal threat intelligence analyst at FireEye, told TechCrunch the hacker took “weeks to numerous months” to accomplish this feat. They were able to pull credit card numbers, expiration dates, and verification numbers, along with names and addresses. To date, it’s not known how many victims there are.
Any web server running an unpatched version of Oracle WebLogic would be vulnerable to exploitation, thus allowing an attacker to access the web server to manipulate Click2Gov configuration settings and upload malware.
Superion, which owns the web payment portal Click2Gov, told TechCrunch it has “diligently kept our customers informed while working with them to update available patches for the third-party software that contributed to the issue.”
Unfortunately, these sort of data breaches are becoming a common practice for hackers
If it seems like hacks have become commonplace at businesses and organizations, you’re right. This isn’t the first data breach affecting companies in recent months. Among those have been British Airways, Under Armor, P.F. Chang’s, GrayShift, and many more.
If you use Click2Gov and worry that your personal or business information has been stolen, your best bet is to discuss this with a supervisor. Hopefully, they are already on top of these and have resolved the issue on your end.
Has your personal information ever been hacked? What did you do about it? Let us know below.
- Samsung’s getting into the object tracking game with an LTE-enabled tracker
- Sony is releasing a tiny PlayStation Classic and loading it with 20 bangers (we hope)
- The YouTube Gaming app was a bust so the company is moving the features back to the main site