Big security glitch Target.com, Amazon and others haven't fixed - KMSP-TV

The big security glitch Target.com, Amazon and others haven't fixed

Posted: Updated:

Some major retail websites have a security glitch that could put customers' personal information in the wrong hands -- and one of those sites is Target.com.

Target Corp. is certainly familiar with security issues. Over the busy Black Friday holiday shopping season, the personal information of an estimated 110 million customers was compromised. Now, a local security expert says a "misconfiguration of encryption software" could allow hackers to use stolen information to go on shopping sprees online and leave unsuspecting customers with the tab.

Since the massive data breach at Target last year, the company has tried to reassure customers that their credit card and personal information is safe and secure -- but Mark Lanterman, CEO of Computer Forensic Services, says there's one gaping flaw the bulls eye brand hasn't zeroed in on yet.

"Nobody's perfect, and I'm sure they've done an end-to-end security audit, but they missed this," he said.

In January, Lanterman explained how hackers could steal customers' user names and passwords from some of the biggest retail sites -- including Target.com -- with under $100 in equipment.

All the hackers have to do is set up a Wi-Fi network that prevents encryption under a familiar name in a public space -- like a coffee shop. Then, when people sign in, the hacker can see their private information in the lines of code.

Yet, three months later, Target remains one of several major companies that still hasn't fixed the glitch.

"My understanding is: Target is aware of this and their perspective is, 'This is a problem with the Internet,' it has nothing to do with their webpage and there's nothing they could do to fix it anyway," Lanterman said.

The only problem is that's not true. So far, TCF Bank, PayPal and even MNsure have closed that same flaw -- sometimes in less than a day.

Furthermore, Lanterman said that even though Target claims its website is secure, it's clearly not.

"I would control your mailing address," he explained. "I would have access to your credit card information, and I could charge things on your account -- and I shouldn’t be able to do that."

Target isn't alone. Lanterman says companies like Apple, eBay and Amazon.com have the same problem -- but none of them have already had a massive security breach that caused customer confidence to take a big hit.

"You can't just put your head in the sand and hope this goes away," Lanterman said. "Just fix it."

Lanterman said customers can protect themselves by bringing their own Internet on the go via a hotspot.

  • Most Popular StoriesMost Popular StoriesMore>>

  • 5 Minnesota State Fair foods that make the most money

    5 Minnesota State Fair foods that make the most money

    Saturday, August 23 2014 10:22 AM EDT2014-08-23 14:22:07 GMT
    There's a big misconception about food vendors at the Minnesota State Fair. Many people think you can set up a booth, work 12 days and make a pile of cash. But it's not that easy. Aside from a lot of hard work, it also takes some luck.
    There's a big misconception about food vendors at the Minnesota State Fair. Many people think you can set up a booth, work 12 days and make a pile of cash. But it's not that easy. Aside from a lot of hard work, it also takes some luck.
  • 28 new foods at Minnesota State Fair in 2014

    28 new foods at Minnesota State Fair in 2014

    Wednesday, June 25 2014 2:57 PM EDT2014-06-25 18:57:53 GMT
    The Minnesota State Fair is adding 28 new foods to the already massive, artery-clogging list of 500 foods from 300 different vendors. New food include everything from a bacon-wrapped turkey leg and beer gelato to a shrimp dog and chocolate salami.
    The Minnesota State Fair is adding 28 new foods to the already massive, artery-clogging list of 500 foods from 300 different vendors. New food include everything from a bacon-wrapped turkey leg and beer gelato to a shrimp dog and chocolate salami.
  • Snowy owl that survived Washington, DC bus hit dies in Minnesota

    Snowy owl that survived Washington, DC bus hit dies in Minnesota

    The snowy owl that underwent surgery and rehab at the University of Minnesota's Raptor Center after being struck by a bus in Washington, D.C. has died. The owl was returned to the wild in April, but was recently found dead on the side of a Minnesota highway.

    The snowy owl that underwent surgery and rehab at the University of Minnesota's Raptor Center after being struck by a bus in Washington, D.C. has died. The owl was returned to the wild in April, but was recently found dead on the side of a Minnesota highway.

Widgets Magazine
Powered by WorldNow

KMSP-TV
11358 Viking Drive
Eden Prairie, MN 55344

Phone: (952) 944-9999
Fax: (952) 942-0455

Didn't find what you were looking for?
All content © Copyright 2000 - 2014 Fox Television Stations, Inc. and Worldnow. All Rights Reserved.
Privacy Policy | New Terms of Service What's new | Ad Choices