Further setback for online banking

Share this article:

Another internet banking security blunder has been revealed, leaving users able to view each others' credit details.

Customers visiting Morgan Stanley's credit card account center were able to opt in to a Microsoft function that remembers passwords. The next user could then access information using data remembered by the PC.

Morgan Stanley fixed the problem and assured customers that the security flaw had not yet been exploited.

"Morgan Stanley has received no customer complaints or calls on this issue to date, and to our knowledge, no accounts have been accessed improperly," read an email statement. Visitors to the site will now find that password recognition function is blocked.

Last week, Cahoot, the online offshoot of UK bank Abbey National, revealed a similar security flaw that enabled customers to view others account details.

Analysts have described the situation as another blow for the internet banking industry.

"If the Cahoot situation set online banking back six months then it's eight months now," said Graham Titterington, principal analyst at Ovum.

"It's clear that banks aren't protecting their customers. These sort of problems were happening a few years ago and I'm afraid to say, they are going to happen again."

www.morganstanley.com
www.ovum.com
www.cahoot.com

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in News

Sign up to our newsletters

More in News

WikiLeaks makes FinFisher surveillance software available to public

Copies of controversial surveillance software, called "FinFisher," were made available for public scrutiny by WikiLeaks.

Researcher challenges reports that BlackPOS variant struck Home Depot

Nuix believes the malware found on Home Depot's systems belongs to a different threat family.

Documents reveal NSA plans to map every internet connected device in the ...

Documents provided by Edward Snowden reveal that the NSA is looking to build a near real-time map of every single internet-connected device in the world.