Is there a list of credit unions that are affected by this, or who are partners with CU Solutions Group? I couldn’t find any information on their web site.

P03 Locke
link
fedilink
English
49M

There are far too many local to mid-size banks that have a shocking lack of security. Logins without HTTPS, banks using ancient transfer protocols, web sites that can recover your full password in plaintext.

My old mortgage company had a bug where if you hit the Login button twice, it would redirect to a GET request with my password on the query string. Good thing I was re-financing away to some other company that actually gave a shit.

Even with all of the security standards out there, like PCI, NIST 800-53, SOX, FedRAMP, etc., there is not enough enforcement to punish these fucking lazy assholes from leaking data like this. Even in the larger sectors, it’s just a constant pattern of buying out more shitty banks with different platforms and policies, until you have this mess of mismatched everything that can’t be unified into sane standards.

Create a post

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

  • 1 user online
  • 65 users / day
  • 175 users / week
  • 621 users / month
  • 2.31K users / 6 months
  • 1 subscriber
  • 3.28K Posts
  • 67K Comments
  • Modlog