A security researcher has identified Wiseasy admin credentials on the black market. Wiseasy is a manufacturer of financial terminals and payment technology services widely used in the hospitality industry and other domains where card payments are necessary.
Point-of-sale (POS) devices are often under attack, mainly because they handle credit card transactions, and they also hold the personal information of many customers. POS devices remain prime targets, but the recent Wiseasy incident is different, even though it affects the same types of devices.
Security researchers from Buguard discovered that Wiseasy employee credentials, including admin credentials, were available online. These would let attackers log in to the Wiseasy cloud platform. Moreover, the cloud dashboard had no extra protection, such as two-factor authentication, which is always needed, especially when dealing with financial and personal information.
According to a TechCrunch report, some of the exposed information included names, phone numbers, email addresses, Wi-Fi names, and much more. In total, attackers would have had direct access to around 144,000 Wiseasy terminals worldwide.
To make matters worse, the security researchers contacted the company but could not get a clear answer. They tried to speak with people at the company, only to have meetings canceled at the last minute. They had even sent screenshots showing the type of access they had.
Following multiple questions and requests for comment, Wiseasy eventually said it had enabled two-factor authentication for the dashboards, but it's unclear whether the company plans to notify its customers as well.