Further setback for online banking

Share this article:

Another internet banking security blunder has been revealed, leaving users able to view each others' credit details.

Customers visiting Morgan Stanley's credit card account center were able to opt in to a Microsoft function that remembers passwords. The next user could then access information using data remembered by the PC.

Morgan Stanley fixed the problem and assured customers that the security flaw had not yet been exploited.

"Morgan Stanley has received no customer complaints or calls on this issue to date, and to our knowledge, no accounts have been accessed improperly," read an email statement. Visitors to the site will now find that password recognition function is blocked.

Last week, Cahoot, the online offshoot of UK bank Abbey National, revealed a similar security flaw that enabled customers to view others account details.

Analysts have described the situation as another blow for the internet banking industry.

"If the Cahoot situation set online banking back six months then it's eight months now," said Graham Titterington, principal analyst at Ovum.

"It's clear that banks aren't protecting their customers. These sort of problems were happening a few years ago and I'm afraid to say, they are going to happen again."


Share this article:

Next Article in News

Sign up to our newsletters

More in News

Virgin Media email blunder leads to breach affecting 130k

The message snafu affected only customers with a Virgin.net account.

German Aerospace Center discovers spy malware on network

The possibly foreign malware affected all computer systems and left little for investigators to work from because it was designed to self-destruct.

A Starbucks scam is brewing, phishing emails contain Zeus attachment

Emails purporting to come from Starbucks actually come attached with a modified version of the Zeus banking trojan, but numerous spelling and grammar mistakes should give the scam away.