7-Eleven Japan abandoned the recently launched mobile billing feature in 7Pay apps after an inadvertent third party has been allowed to falsify hundreds of customer accounts.
The company released this feature on Monday, July 1st. The customer was able to scan the barcode with the app and charge the associated credit or debit card. However, the company received a complaint the following day. We paid attention to charges that customers did not. Yahoo Apps Japan ( ZDnet ) There was a flaw in this app. Hackers need only know your birth date, email, and phone number, and you can send a password reset request to a different email address. This app also makes it easier for someone to break into your account by defaulting to birthdays on January 1, 2019, if you did not fill out the fields.
In this case, the hacker seemed to automate the attack. According to the company, about 900 individuals were targeting accounts and charged $ 55 million ($ 500,000). 7-Eleven Japan said that the app suspended its ability to stop claiming Linked cards, posting alerts on the 7pay feature website, and stopping new users from registering. The company also said it would provide compensation to users who hacked their accounts and build support lines.
A member of the Ministry of Economy, Trade and Industry said that according to the Japanese Times Japan Times it did not follow security guidelines to enhance security. The Japanese authorities have arrested two individuals who attempted to use a hacked account and believe they are related (or hired) to a Chinese criminal organization known to use identity information that is stolen online.