7-Eleven’s mobile payment feature on its app, 7Pay, was only recently launched by 7-Eleven Japan on July 1—the feature allows customers to scan a barcode and pay using a credit/debit card that is linked to the app.
However, a week is all it took for hackers to cheat the system and steal half a million U.S. Dollars, it seems. A customer first reported that they noticed a charge that they didn’t make on the app, and Yahoo News Japan has reported that there is a major loophole that has been exploited.
The way it works, the hacker would use the user’s date of birth, phone number, and email, and send a password reset request to another email address. This issue is further exacerbated by the fact that the 7Pay app lists users’ DOB as January 1 2019 if the DOB section wasn’t filled by the user.
According to 7-Eleven Japan, approximately 900 individuals had their accounts hacked, and a total of 55 million yen was fraudulently charged to their apps; the entire process seems to have been automated by the hackers. 7-Eleven Japan has suspended the feature in the meantime, and has also warned users on 7Pay’s website. Along with that, new registrations are also suspended for now.
However, it seems that this is an isolated incident for now. A representative of Japan’s Ministry of Economy, Trade and Industry has said that 7-Eleven didn’t follow standard security protocols/guidelines when developing the app, while two individuals have already caught using one of the hacked accounts. The authorities believe that they may be linked to a Chinese crime ring, but nothing is concrete as of yet.
[ VIA , IMAGE SOURCE ]
GX Bank Berhad (GXBank), Malaysia's first digital bank, has announced a 10-year exclusive bancassurance partnership…
Yes 5G Databack programme which allows Shopee users to redeem free data is coming to…
Shopee Malaysia has officially launched its On-Time Guarantee programme where customers can be compensated with…
BJAK road tax renewal service is here to stay. The online insurance aggregator has confirmed…
It's been awhile now since we did one of these lists---since November of last year…
[ UPDATE 07/05/2024 10:37 ] BJAK has responded to JPJ's statement by making its road…
This website uses cookies.