First of all, I'm putting this under "rants" because I physically did some combination of a facepalm/head-desk.

So, citigroup got hacked. I know, nothing new there, nothing too special. The bad part is how it was hacked. Anyone wanna guess? Well, I'll tell you. They changed the account number in the URL. Wait, what? Yes, that's right, they changed the account number in the URL. Now I'm sure your asking yourself, much like I was, "don't they use any authentication to make sure you have access to that account?" Well, apparently, no.

In fact, about 200,000 people had their information stolen.

slashdot link

Yeah, that's rather crappy :/

And it's only going to get worse.

http://www.fox41.com/story/14905798/lmpd-devices-at-gas-pumps-could-steal-your-bank-info

I think this might just be worthy of the facepalm mosaic...

I don't have enough hands for the facepalm this deserves. I've literally spent all of three hours in my life learning web scripting languages, and I still spent the time to [attempt] input validation on my site.

This is like lesson 2 on hackthissite. I like how reports keep using the word "sophisticated" to describe the attack.

Somehow, "I told you so," just doesn't quite say it...

I doubt it's going to get worse due to card skimming; card skimming has been around ever since card issuers started putting magnetic strips on the backs of their cards. As stated in the article, some of these skimming devices can be easily detected as a rather large bulge from where you would normally swipe your card (though if you're the kind of person who codes acct. #'s into URLs you might not notice ):

I didn't mean to say that because of the fact that people are taking apart gas pumps and replacing them with reader/card burners so they can access your money and drain your accounts that it will get worse. Thefts in general are getting worse. There were a string of thefts in storage buildings 2 weeks ago, they managed to find one of the several suspected. People are stealing metal off the sides of buildings, cutting catalytic converters in the middle of the day.

As the economy fails, this stuff will get worse.

Poverty -> Desperation -> Crime

Internet crime is a whole different beast. It's a kind of crime that was non-existent less than 15 years ago.

I humbly suggest that we have one "X got hacked" thread and keep appending to it, because I don't see this pattern stopping any time soon.

Agreed.

Disagree; having several discussions of separate hacks in one thread would be madness.

Madness you say? THIS IS CEMETECH!!!!!!!


But seriously I kinda have to agree with Ultimate Dev'r on this, one massive thread would be massively confusing.

http://technolog.msnbc.msn.com/_news/2011/06/28/6963920-mastercardcom-site-down-hacktivists-claim-credit

Seems they decided to bring Mastercard.com down as well. They as in, ibomhacktivist. Didn't last long though, as the website is currently online. Seems to still be linked to the blocking of money to wikileaks.

I can't wait to see how this escalates. Anyone want to wager what the next target will be, and how the federal government will overreact?