U.S. Government Payment Services Site Leaks Over 14 Million Customer Records

High angle view of credit card with security lock on computer keyboard. Computer keyboard is in full frame position, defocussed. Focus on lock. Horizontal composition. Image developed from RAW format.

Government Payment Service Inc — the company thousands of local governments in the US use to accept online payments for everything from court-ordered fines and licensing fees — has compromised more than 14 million customer records dating back to 2012, KrebsOnSecurity reports. According to the security investigation site, the leaked information includes names, addresses, phone numbers and the last four digits of credit cards.

KrebsOnSecurity alerted the company — which does business as GovPayNow.com — to the problem on September 14th. The site found that it was possible to view millions of customer records simply by tweaking the digits in the web address displayed by each receipt. Two days later, the payment site released a statement saying it had addressed a “potential issue,” and that while there was “no indication that any improperly accessed information was used to harm any customer” the company has nonetheless updates its systems to prevent the issue reoccurring.

Click here to read more.

SOURCE: Engadget, Rachel England