Eir fixes security flaw eight months after it was notified of issue | #ios | #apple | #iossecurity


Eir, one of the country’s largest telecoms companies, has fixed a major security flaw on its website which put customer data at risk, eight months after first being notified about it.

The issue meant cybercriminals could potentially intercept customers’ user names and passwords as they logged into their accounts on the Eir.ie website, using what is known as a “man in the middle” attack. This data could potentially be used to illicitly gain access to Eir.ie or other websites.

The flaw affects iPhone users, even if they have the most up to date security settings on their phone.

Dylan Fermoyle of Corrata, a cybersecurity company which first discovered the issue last year, said the flaw is particularly dangerous as it affects customers even if they take steps to ensure cybersecurity steps on their end.

The issue results from companies using misconfigured security settings which means users’ connections to the website are encrypted using out of date technology.



Original Source link

Leave a Reply

Your email address will not be published.

− one = two