If you travel and make payments on travel-related websites or smartphone apps, your credit card number and the three-digit CVV number on the back of your card may have been exposed to hackers. In fact, 500,000 people may be at risk for having their financial information stolen by hackers.
The cybersecurity firm Wandera found a vulnerability on the computer systems of 16 well-known companies. These companies simply didn't take basic step of encrypting your information to secure it.
Encryption takes your online profile and scrambles it. Encryption is incredibly difficult for hackers to break through without a password.
The so-called CardCrypt vulnerability found by Wandera is scary. It potentially exposed not only your credit card and CVV numbers to hackers, but also your personal information. Wandera found that some of these companies' lax security may have exposed your home address, name, email address and passport information.
The 16 companies affected by the CardCrypt vulnerability were: Air Canada, American Taxi, CN Tower, Get Hotwired, San Diego Zoo, Tribeca Med Spa, Easyjet, Aer Lingus, Chiltern Railways, Dash Card Parking, KV Cars, PerfectCard.ie, 1Robe.fr, Oui Car, Air Asia and Sistic.
"Each of the companies has been failing one of the most basic of security requirements by not fully encrypting the traffic to the payment portion of their mobile website or app," according to Wandera. "This means that customers who use these services unknowingly may have had their credit card information sent 'in the clear,' and have been at risk of having information stolen."
The cybersecurity firm added that there isn't a good reason to not encrypt your credit card payment information. "It is bad practice."
There is some good news report regarding CardCrypt. Wandera reports that six of the companies are no longer at risk: San Diego Zoo, Air Canada, Air Lingus, Easyjet, Chiltern Railways, and CN Tower.
Note: Make sure you are keeping yourself protected online. Check out the Komando Security Center for suggestions on how to protect your identity and your digital devices from security threats in the digital world.