In this DEFCON talk at around 24:52 minute mark, the speaker (a Cambridge professor) tells a story of two brothers stealing millions of dollars using a weakness in credit card terminal technology, and then walking away scot-free because banks were too embarrassed to show any evidence against them. I was trying to find any other sources for this story before sharing it with my friends, but couldn't find anything. Is this story true?
Asked
Active
Viewed 468 times
10
-
4I think it was more than the embarrassment stated. That wasn't the only vulnerability, and the professor later says (26:00) that the banks were keen to blame users for (allegedly) making their PIN known, and at 32:05 the point about the unwillingness of banks to admit to the vulnerability is repeated. After all, if they admit there is a problem, that could mean accepting liability. – Weather Vane Feb 29 '20 at 12:34