Remove Compromise Remove Credential Remove Multifactor Authentication
article thumbnail

Chatbot Company Sued By Delta Over Data Breach

PYMNTS

The airline claims that 24[7] fell short of implementing basic security controls like forbidding workers from using the same login credentials or requiring multifactor authentication for employees accessing source code. According to the news outlet, hackers changed the source code of the chatbot via compromised credentials.

article thumbnail

Combating ATOs With Multifactor Authentication, Behaviors Analysis And Customer Education

PYMNTS

Customers cannot afford to let fraudsters compromise their bank accounts under any circumstances, but the current economic climate makes attacks all the more painful. Reusing passwords puts consumers at greater risk because fraudsters who can compromise an account with one business can use those details to gain entry into others.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Deepfakes Threaten To Become The New BEC Scam

PYMNTS

The business email compromise (BEC) scam continues to rear its ugly head at the enterprise, with the global pandemic creating even more avenues through which cyber attackers can steal company money. At the heart of BEC and other scams is impersonation.

article thumbnail

Timehop Discloses Data Breach That Impacts 21M Users

PYMNTS

Timehop did share that certain keys, which allow the app to read and display customers’ social media posts, were also compromised; the company subsequently deactivated the keys so they can no longer be used. As a result, users will have to re-authenticate to the Timehop app.

article thumbnail

Deep Dive: How FIs Can Upgrade Authentication Measures To Foil Fraudsters? Open Banking Attacks

PYMNTS

FIs may need to provide data to FinTech startups without dedicated cybersecurity teams, for example, which could then be more easily compromised by hackers who will steal sensitive bank customer data. MFA requires customers to prove their identities by providing at least two types of credentials.

article thumbnail

Adversary-in-the-middle fraud: A growing concern for payments providers in 2025

The Payments Association

When the victim enters their credentials, the attacker captures these details and may steal session cookies to bypass multifactor authentication (MFA). Using stolen session cookies, the attacker can authenticate themselves into the victim’s account, gaining unauthorised access to emails or other resources.