Dashboards used to remotely oversee and operate thousands of credit card payment terminals made by the industry major Wiseasy were accessible to hackers.
Restaurants, hotels, shops, and schools all employ Wiseasy’s Android-based payment terminals. Wiseeasy can remotely manage, configure, and update customer terminals via the internet with the use of its Wisecloud cloud service.
The hackers used the malware on the company’s employee PCs to have access the passwords. Two cloud dashboards were compromised, but neither had two-factor authentication or other fundamental security measures in place, giving hackers access to about 140,000 Wiseasy payment terminals all over the world.
The company acknowledged that the problem had been fixed and that two-factor authentication had been added to the dashboards.