Big security glitch Target.com, Amazon and others haven't fixed - My29 WFTC Minneapolis-St. Paul

The big security glitch Target.com, Amazon and others haven't fixed

Posted: Updated:

Some major retail websites have a security glitch that could put customers' personal information in the wrong hands -- and one of those sites is Target.com.

Target Corp. is certainly familiar with security issues. Over the busy Black Friday holiday shopping season, the personal information of an estimated 110 million customers was compromised. Now, a local security expert says a "misconfiguration of encryption software" could allow hackers to use stolen information to go on shopping sprees online and leave unsuspecting customers with the tab.

Since the massive data breach at Target last year, the company has tried to reassure customers that their credit card and personal information is safe and secure -- but Mark Lanterman, CEO of Computer Forensic Services, says there's one gaping flaw the bulls eye brand hasn't zeroed in on yet.

"Nobody's perfect, and I'm sure they've done an end-to-end security audit, but they missed this," he said.

In January, Lanterman explained how hackers could steal customers' user names and passwords from some of the biggest retail sites -- including Target.com -- with under $100 in equipment.

All the hackers have to do is set up a Wi-Fi network that prevents encryption under a familiar name in a public space -- like a coffee shop. Then, when people sign in, the hacker can see their private information in the lines of code.

Yet, three months later, Target remains one of several major companies that still hasn't fixed the glitch.

"My understanding is: Target is aware of this and their perspective is, 'This is a problem with the Internet,' it has nothing to do with their webpage and there's nothing they could do to fix it anyway," Lanterman said.

The only problem is that's not true. So far, TCF Bank, PayPal and even MNsure have closed that same flaw -- sometimes in less than a day.

Furthermore, Lanterman said that even though Target claims its website is secure, it's clearly not.

"I would control your mailing address," he explained. "I would have access to your credit card information, and I could charge things on your account -- and I shouldn’t be able to do that."

Target isn't alone. Lanterman says companies like Apple, eBay and Amazon.com have the same problem -- but none of them have already had a massive security breach that caused customer confidence to take a big hit.

"You can't just put your head in the sand and hope this goes away," Lanterman said. "Just fix it."

Lanterman said customers can protect themselves by bringing their own Internet on the go via a hotspot.

  • Most Popular StoriesMost Popular StoriesMore>>

  • 28 new foods at Minnesota State Fair in 2014

    28 new foods at Minnesota State Fair in 2014

    Wednesday, June 25 2014 2:57 PM EDT2014-06-25 18:57:53 GMT
    The Minnesota State Fair is adding 28 new foods to the already massive, artery-clogging list of 500 foods from 300 different vendors. New food include everything from a bacon-wrapped turkey leg and beer gelato to a shrimp dog and chocolate salami.
    The Minnesota State Fair is adding 28 new foods to the already massive, artery-clogging list of 500 foods from 300 different vendors. New food include everything from a bacon-wrapped turkey leg and beer gelato to a shrimp dog and chocolate salami.
  • VIDEO: 180-mph double crash during Brainerd drag race

    VIDEO: 180-mph double crash during Brainerd drag race

    Wednesday, August 20 2014 8:53 PM EDT2014-08-21 00:53:09 GMT
    Photo courtesy of NHRA on YouTubePhoto courtesy of NHRA on YouTube
    When it comes to drag racing, rocket-type speed is the name of the game -- but that also means things can go wrong very quickly, and a double crash at a Brainerd, Minn., track is another grim reminder.
    When it comes to drag racing, rocket-type speed is the name of the game -- but that also means things can go wrong very quickly, and a double crash at a Brainerd, Minn., track is another grim reminder.
  • Ramsey County releases wanted poster for Ty Hoffman

    Ramsey County releases wanted poster for Ty Hoffman

    Thursday, August 21 2014 1:25 PM EDT2014-08-21 17:25:41 GMT
    The Ramsey County Sheriff's Office has released an updated wanted poster including a reward of up to $10,000 for information leading to the arrest of Ty Hoffman, a suspect in connection to the murder of Lush Food Bar co-founder and Boston Scientific executive Kelly Phillips.
    The Ramsey County Sheriff's Office has released an updated wanted poster including a reward of up to $10,000 for information leading to the arrest of Ty Hoffman, a suspect in connection to the murder of Lush Food Bar co-founder and Boston Scientific executive Kelly Phillips.
Widgets Magazine
Powered by WorldNow

WFTC-TV
11358 Viking Drive
Eden Prairie, MN 55344

Phone: (952) 944-9999
Fax: (952) 942-0455

Didn't find what you were looking for?
All content © Copyright 2000 - 2014 Fox Television Stations, Inc. and Worldnow. All Rights Reserved.
Privacy Policy | New Terms of Service What's new | Ad Choices