Get a Pentest and security assessment of your IT network.

News

DPD Group parcel tracking flaw may have exposed customer data

An unauthenticated API call vulnerability in DPD Groups package tracking system could have been exploited to access the personally identifiable details of its clients. Researchers at Pen Test Partners explored the system and found that they could try out parcel codes on API calls and get back OpenStreetMap addresses with the recipient’s position on the map. The way this API attack worked is random, as one cannot guess parcel numbers for given identities, but it would still be useful in the hands of phishing actors.”]

Source: https://www.bleepingcomputer.com/news/security/dpd-group-parcel-tracking-flaw-may-have-exposed-customer-data/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Who and why is attacking companies in the Nordic Countries?

News

Shamoon Malware, cyber espionage tool, cyber weapon or