0
In a glaring security lapse, customers of 7-Eleven stores across Japan have lost millions of yen after scammers gained access to their online accounts.
The store launched a smartphone app for cashless payments earlier this week without realizing the security risk.
Around 900 customers have had their accounts compromised and lost a combined 55 million yen ($510,000, £410,000), 7-Eleven said.
The chain has suspended the service and promised to reimburse customers.
In a statement, 7-Eleven said that third parties were able to access the accounts of people using its 7pay app, impersonate those people, and charge their accounts through the registered credit or debit card.
According to US tech site ZDNet, the mistake allowed hackers to request a password reset of any stranger's account.
They were then able to have a recovery link sent to their own email, rather than the original account holder's.
https://www.msn.com/en-sg/news/newso...c81?li=BBr8Mkh