Solidot: 携程支付日志泄露

Solidot

奇客的资讯，重要的东西

携程支付日志泄露
http://solidot.org.feedsportal.com/c/33236/f/556826/s/387f98f5/sc/21/l/0L0Ssolidot0Borg0Cstory0Dsid0F38833/story01.htm
Mar 23rd 2014, 05:40

黑客在乌云公布了两个携程网安全漏洞：安全支付日志可遍历下载和源代码包可直接下载。支付日志的信息包括了持卡人姓名、身份证、银行卡类别、银行卡号、CVV码和银行卡6位Bin等，这些信息可被用于盗刷卡。携程确认了漏洞，称已经在漏洞发布两小时内修复该问题，没有发生盗刷的情况。携程储存的信息被认为违反了中国银联风险管理委员会的《银联卡收单机构账户信息安全管理标准》，已有用户对相关信用卡进行了挂失处理，而专家也建议用户拨打对应银行的客服电话申请停卡，或直接办理挂失。This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.



You are receiving this email because you subscribed to this feed at https://blogtrottr.com

If you no longer wish to receive these emails, you can unsubscribe here:
https://blogtrottr.com/unsubscribe/cz0/jPbdSR