Popular supermarket chain 7-Eleven has become the latest victim in a cyber attack. Attackers banked on a security flaw in 7-Eleven’s 7pay and stole around ¥55 million. This was done by making fraudulent payments from 7pay accounts of around 900 Japanese customers. The flaw, which was a faulty password reset function, could allow anyone to access 7pay accounts with password resets.
7pay is a mobile payments app developed by 7-Eleven that was intended for its Japanese customers. It was launched on July 1, 2019.
Key highlights
What actions were taken by 7-Eleven?
In the press release, the company mentioned that it immediately took action after the incident. “Currently, charges from credit cards and debit cards have been suspended, but Seven-Eleven storefront cash register at Seven Bank ATM, cash charges from ATMs and nanaco points will be suspended, and all charges will be suspended. In addition, we will stop the new registration of “7 pay (seven pay),” the company said.
Publisher