Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Security Holes Expose Customer Card Data, Personal Details

Posted by Soulskill on Friday November 2, 2012 @03:33AM from the time-to-do-a-chargeback-on-their-security-contractors dept.

mask.of.sanity writes "Dangerous website flaws have been discovered in PayPal that grant attackers access to customer credit card data, account balances and purchase histories. The holes still exist. One was publicly disclosed after a failed effort in July to responsibly disclose them under PayPal's bug bounty program. PayPal is working to close the holes."

2 of 87 comments (clear)

Min score:

Reason:

Sort:

Re:PayPal is not a bank by Kenja · 2012-11-02 03:44 · Score: 5, Funny

Yep, they want all the functionality of a bank, but none of the regulation.
So they want to be a bank! <zing!>

--

"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Re:Irresponsible disclosure by Anonymous Coward · 2012-11-02 04:32 · Score: 2, Funny

Don't go public - sell the vulnerability on eBay to the highest bidder. It makes the public aware of the issue - without disclosing the details - and allows PayPal to keep the details a secret if they want to.