Outline ·
[ Standard ] ·
Linear+
Chat CIMB kena hack?
|
teehk_tee
|
 Dec 17 2018, 01:26 PM
|
|
QUOTE(Duckies @ Dec 17 2018, 01:19 PM) This is because when they changed the password policy to include special characters, they didn't force everyone to change their password. Therefore they have to cater logic for old password logic and also new password logic. But to implement it in this half ass way is plain stupid. This is not some wordpress blog yo. This is a fucking bank. #programmingtalk Loled cuz my wordpress also implement captcha. Now somebody cv can proudly boast, implemented industry leading security login system for leading bank in country. Captcha on a bank login screen fukken lul |
|
|
|
|
|
GPKGB
|
Dec 17 2018, 01:26 PM
|
New Member
|
QUOTE(zul_sur @ Dec 17 2018, 01:22 PM) should rejek altogether, this logic aaa, wait, part of the password is correct, let him in la, no need to check others A child’s logic better than this .. |
|
|
|
|
|
Duckies
|
Dec 17 2018, 01:27 PM
|
|
|
|
|
|
|
|
|
D-Frog
|
Dec 17 2018, 01:27 PM
|
|
|
QUOTE(Quantum Geist @ Dec 17 2018, 01:23 PM) those checks are supposed to be checked at server side, when kantoi client side it will give ideas to malicious people as to how the system in the back works. Now it make sense |
|
|
|
|
|
mycolumn
|
Dec 17 2018, 01:27 PM
|
|
|
QUOTE(hey_nello @ Dec 17 2018, 12:04 PM) https://twitter.com/campuscodi/status/10725...8210563/photo/1is card number / data leak.. I'm withdrawing everything this lunchtime yups. My colleagues are doing this too. Withdrawing all their money this afternoon. |
|
|
|
|
|
GPKGB
|
Dec 17 2018, 01:27 PM
|
New Member
|
QUOTE(lagista @ Dec 17 2018, 01:25 PM) sounds really stupid n reckless system !! wonder why with billions profits bank kenot hire proper IT people ?? Bank wants it chip maaa, I only know Maybank spent a lot on IT This post has been edited by GPKGB: Dec 17 2018, 01:28 PM |
|
|
|
|
|
shihnobie
|
Dec 17 2018, 01:29 PM
|
New Member
|
about paypal. does this mean, now register/link paypal pun dangerous sbb ppl kan hack paypal, but tak register/link paypal pun other people can do it instead of us?
|
|
|
|
|
|
zul_sur
|
Dec 17 2018, 01:29 PM
|
Getting Started
|
dev happy2 code, tester dont care, manager cannot wait to announce new release, media cannot wait to announce new security system.
|
|
|
|
|
|
Rhetoric
|
Dec 17 2018, 01:30 PM
|
|
|
QUOTE(BuLaDiFu @ Dec 17 2018, 01:18 PM) But its better to change your password to something longer though. Think someone linked a website just now and it said an 8 character password only needs 8 hours to break. Thats the thing, as an account holder i received zero communication from CIMB regarding this issue. the first i heard about the news is from Lowyat FB page and constant info from this thread. Official CIMB = 0 |
|
|
|
|
|
khainiz94
|
Dec 17 2018, 01:30 PM
|
|
|
QUOTE(linkinstreet @ Dec 17 2018, 01:22 PM) Some people were using bots to bruteforce password, since CIMB has no failed login limits. The CAPTCHA was supposed to slow the bots down Maybe they should have implemented the failed login limits. For security purposes. Heck even my Bank Rakyat online account have that 5 times limit. Once exceeded limits, my online banking will be blocked and need to call bank to unblock. Bank Rakyat yo. A small bank only. |
|
|
|
|
|
lagista
|
Dec 17 2018, 01:31 PM
|
New Member
|
QUOTE(GPKGB @ Dec 17 2018, 01:27 PM) Bank wants it chip maaa, I only know Maybank spent a lot on IT dealing with money must take care of security even casino go extra mile by hiring djin spirits from bomoh at main gate to kick out any punters trying to bring own djins to cheat in poker |
|
|
|
|
|
metaloid
|
Dec 17 2018, 01:31 PM
|
|
|
Reminds me of BSN issue that day. Due to maintenance upgrade the whole database screw up and people accounts were in a mess, not tally with original amounts. ggwp
|
|
|
|
|
|
briantwj
|
Dec 17 2018, 01:31 PM
|
|
|
No wonder starting last month I start seeing ppl say, if ppl ask for u tac, don't give. Must be that time already got ppl exploiting. But they need the TAC to buy stuff or transfer. So they msg ppl to get TAC.
|
|
|
|
|
|
HMMaster
|
Dec 17 2018, 01:31 PM
|
10K Club
|
Microsoft also have something similar on the password length.... even though it is longer. https://thenextweb.com/microsoft/2012/09/21...words-shortens/ |
|
|
|
|
|
cyhborg
|
Dec 17 2018, 01:32 PM
|
New Member
|
QUOTE(linkinstreet @ Dec 17 2018, 01:22 PM) since CIMB has no failed login limits seriously?  |
|
|
|
|
|
teehk_tee
|
Dec 17 2018, 01:32 PM
|
|
|
QUOTE(khainiz94 @ Dec 17 2018, 01:30 PM) Maybe they should have implemented the failed login limits. For security purposes. Heck even my Bank Rakyat online account have that 5 times limit. Once exceeded limits, my online banking will be blocked and need to call bank to unblock. Bank Rakyat yo. A small bank only. Bank rakyat.. Not even a bank under pidm yoh... Security higher than leading bank |
|
|
|
|
|
vassilius
|
Dec 17 2018, 01:33 PM
|
|
|
even among my small group of friends already got some kena unauthorized transaction d.... can u imagine how many already kena?
good luck to the entire CIMB IT division
|
|
|
|
|
|
Zot
|
Dec 17 2018, 01:33 PM
|
|
|
QUOTE(metaloid @ Dec 17 2018, 01:24 PM) I hope they start introducing Fingerprint authorization like Maybank app. Do you think fingerprint is secure? There is no 100% reliable biometric ID, even DNA. At least password has to be 100% the same  |
|
|
|
|
|
marma88
|
Dec 17 2018, 01:33 PM
|
New Member
|
 last October my cimb cc kena hack..GBP274 (RM1496)..I received the SMS from cimb my cc had been charged...I immediately called the cimb cs n make report...they terminated the cc and replace a new one...fortunately they refund less than a month... |
|
|
|
|
|
buraqdunia
|
Dec 17 2018, 01:33 PM
|
|
|
QUOTE(shihnobie @ Dec 17 2018, 01:29 PM) about paypal. does this mean, now register/link paypal pun dangerous sbb ppl kan hack paypal, but tak register/link paypal pun other people can do it instead of us? it's not bout hack a paypal w\o reg or link w\ yr DC or CC . When u do trans. there is no 3D verification in M'sia. w= with o=out |
|
|
|
|
Quote
0.0276sec
0.80
6 queries
GZIP Disabled