Ituran, which provides a service for recovering stolen vehicles, closed the users’ area of its web page over the weekend after a software developer revealed how easy it would be far hackers to access customers’ private data.
The developer, who asked not to be identified, said that hackers taking advantage of a security vulnerability would have been able to see a customers’ home address; telephone, identify and license numbers as well as the last four numbers of his or her credit card in some case where the customer’s car is and even a history of the vehicle’s movement.
The developer said he was informed of the vulnerability from a friend who had recently signed up for the service and tested it himself.
Ituran said in response: “Our investigation indicates that the password-management policy requires upgrading to prevent attempts at infiltration, so we are working to reduce the exposure immediately and at the same time introduce a new password mechanism.”
Want to enjoy 'Zen' reading - with no ads and just the article? Subscribe todaySubscribe now