1 min read

Wiseasy Employee Credentials Found Online, More than 140,000 POS Terminals Affected

Silviu STAHIE

August 03, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Wiseasy Employee Credentials Found Online, More than 140,000 POS Terminals Affected

A security researcher has identified Wiseasy admin credentials on the black market. Wiseasy is a manufacturer of financial terminals and payment technology services widely used in the hospitality industry and other domains where card payments are necessary.

Point of sale (POS) devices are often under attack mainly because they deal with credit card transactions, but they also hold personal information of many customers. POS devices remain prime targets for attacks, but the recent Wiseasy incident is different, although it affects the same types of devices.

Security researchers from Buguard discovered that Wiseasy employee credentials, including admin ones, were available online. This would let attackers log in into the Wiseasy cloud platform. Moreover, the cloud dashboard had no extra protection, such as two-factor authentication, which is always needed, especially when dealing with financial and personal information.

According to a TechCrunch report, some of the exposed information included names, phone numbers, email addresses, Wi-Fi names, and much more. In total, attackers would have had direct access to around 144,000 Wiseasy terminals worldwide.

To make matters worse, the security researchers contacted the company but could not get a clear answer. They tried to speak with people at the company, only to have meetings canceled at the last minute. They had even sent screenshots showing the type of access they had.

Following multiple questions and requests for comments, Wiseasy eventually said they enabled two-factor authentication for the dashboards, but it's unclear whether they plan to notify their customers as well.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read
Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find
Silviu STAHIE

November 29, 2022

1 min read
Apple Users Report Seeing Other People's Photos When Using iCloud for Windows Apple Users Report Seeing Other People's Photos When Using iCloud for Windows
Silviu STAHIE

November 25, 2022

1 min read