Hackers have reportedly stolen thousands of passwords to gain access to dashboards used to remotely manage and control thousands of credit card payment terminals manufactured by digital payments company Wiseeasy. In this report TechCrunch Citing the cyber security startup, Bagard. Based in Singapore sensible is an Android-based payment terminal used across hotels, restaurants and retail outlets Asia Pacific territory
“Wieasy enables banks, acquirers, fintech companies, telecom operators and industry solution providers to provide a variety of financial services to a wider audience in a more cost-efficient and convenient manner,” the company says on its website.
How did the hackers get in?
Hackers were able to gain access to Wiseeasy’s systems through employees’ computer passwords that were apparently being stolen by the malware. Yusuf MohammedBoogaard’s chief technology officer told TechCrunch that Wiseeasy employee passwords used to access Wiseeasy’s cloud dashboards — including the ‘admin’ account — were found on a dark web marketplace actively used by cybercriminals.
He said two cloud dashboards were exposed, and claimed that none had even basic security features like two-factor authentication. This allowed hackers to easily break into the company’s payment terminals around the world. Wiseeasy claims to have offices in 114 locations worldwide.
The BeauGuard CTO claimed on the website that they tried to inform Vaizey about the compromised dashboards in early July. However, efforts to announce a settlement were met with meetings with officials that were later canceled without prior information. He further claimed that the company refused to say whether the cloud dashboards would be secure.