Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Submission + - Thieves found Citigroup site an easy entry (

klubar writes: After logging in, theives used a simple GET replacement to switch among Citibank credit card accounts. Anyone with a simple browser sniffer (fiddler tools, and many others) can see the URL strings. This one appears to be even easier as it was in the URL string. You think that they would have checked for such a rookie mistake and put in better security. It's also interesting that it took so long to discover.

Everybody needs a little love sometime; stop hacking and fall in love!