7-Eleven’s mobile payment app shut down after hackers nab $500K from customers

Keen to jump on the mobile payments bandwagon, 7-Eleven’s Japanese business recently launched 7Pay for customers looking for a quick and easy way to purchase items in-store.

But just days after the system went live at the beginning of last week, a number of customers started complaining that they were being charged for items they hadn’t bought.

The company has now suspended use of its mobile payment service while it investigates 7Pay’s security procedures, or lack thereof. In a statement released at the end of last week, 7-Eleven admitted that hackers had accessed the app and made bogus transactions affecting 900 customers to the tune of $506,000.

On Saturday, July 6, the Japan Times reported the arrest of two Chinese men who may be connected to the hack, with one of them suspected of attempted fraud after paying 730,000 yen (about $6,750) to purchase nearly 150 cartons of e-cigarette cartridges from a 7-Eleven store in Tokyo, allegedly using stolen IDs.

7Pay working using a bar code that appeared on the customer’s smartphone, with a cashier scanning it to charge the cost of the items to the customer’s linked debit or credit card.

But a report by ZDNet said the app was so poorly designed that it allowed anyone with knowledge of a customer’s email address, date of birth, and phone number to take over an account.

The hacker did this by using the data to reset an account’s password, with the reset link able to be sent to the hacker’s email address instead of the account owner’s. The hacker could then take control of the account.

The suggestion is that hackers automated the attack using information gathered in previous online security breaches targeting Japanese databases.

The alarming ease with which hackers were able to exploit 7Pay prompted the Japanese government to get involved, with the Ministry of Economy, Trade, and Industry accusing 7-Eleven of failing to properly adhere to guidelines preventing such unauthorized access. The company, which operates more than 20,000 stores in Japan, has apologized for the mishap and promised to fully reimburse those affected.

The 7Pay incident brings to mind another mobile payment breach several years ago when the now-defunct CurrentC system was targeted by hackers during its testing phase. Whether 7Pay will be resurrected with much-improved security or ends up going the same way as CurrentC remains to be seen.

Computing

Slack is resetting user passwords in response to a 2015 data breach

In response to recently discovered information regarding a 2015 data breach, collaboration software company Slack will be resetting the passwords of some of its user accounts beginning July 18.
Computing

Is your PC slow? Here's how to restore Windows 10 to factory settings

Computers rarely work as well after they accumulate files and misconfigure settings. Thankfully, with this guide, you'll be able to restore your PC to its original state by learning how to factory reset Windows.
Mobile

An unknown number of Sprint customers had their personal info stolen by hackers

Hackers stole an unknown number of Sprint users' data after breaching the Samsung.com “add a line” website, according to a letter Sprint sent to impacted customers. Names, addresses and other personal information was all taken in the…
Mobile

Apple backs down, returns parental control app OurPact to App Store

Parental control app OurPact has returned to the iOS App Store, several months after it was removed due to privacy concerns. In April Apple removed parental control apps which used a technology called Mobile Device Management (MDM).
Mobile

Free yourself! How to unlock a phone from the icy hands of your wireless carrier

Do you want to know how to unlock a phone through your carrier or a third-party service like DoctorSIM? Regardless of which way you want to go, we've compiled a list of requirements and methods for doing so.
Music

How much is Spotify Premium, and how can you get it at a discount?

Having access to millions of songs comes at a price -- albeit, a pretty small one. Before you figure out how much Spotify Premium is going to cost, you will want to see if you qualify for a discounted (or even free) subscription.
News

AT&T accused of selling customers’ location data to bounty hunters and stalkers

AT&T was hit with a lawsuit Tuesday accusing it of selling customers’ real-time location data to third parties like credit agencies and bail guarantors, along with bounty hunters and stalkers, without having customer consent. 
Mobile

St. Paul, Minnesota, is the latest U.S. city to access Verizon's 5G network

Verizon is in the midst of a massive 5G rollout. Its mobile 5G network is now available in select areas of several cities such as Chicago and Denver. Here's everything you need to know about Verizon's 5G network.
Mobile

Renders suggest the Huawei Mate 30 Pro may have a special cinematic camera lens

The Huawei Mate 30 and Mate 30 Pro may join the Mate X folding phone as the company's star products for late 2019. This is what we know about the Huawei Mate 30 and Mate 30 Pro so far.
News

Worried about how FaceApp is using your photos? Here’s how to delete your data

Are you concerned about your privacy with FaceApp? If so, you might want to delete your data from the app. The app has come under fire for its terms of service and privacy policies that it can use your face photos in any way it wants to. 
Mobile

A.I. photo filters use neural networks to make photos look like Picassos

Artificial Intelligence apps put a novel spin on social network-style photo filters. Instead of just overlaying an effect, these photo filters use machine learning and neural networks to transform an image into a predetermined style.
Mobile

Samsung’s latest RAM chips can move data superfast on your next-gen smartphone

Samsung just announced its fastest RAM chips yet, boasting 44 GB/s transfer speeds with LPDDR5 technology on a 10-nm process. These 12-gigabyte monsters are meant to take 5G and A.I. to the next level on your next-gen smartphone.
Mobile

Big, beautiful, and breakable: Check out the best Galaxy S8 Plus cases

There’s no denying Samsung’s ability to turn out an attractive smartphone, but glass curves are expensive to fix and metal chips easily. We've rounded up the best Galaxy S8 Plus cases on the market.
Wearables

FCC filing reveals impressive specs for luxury Movado Connect 2.0 smartwatch

It's been a while since we saw a smartwatch from luxury watchmaker Movado, but that drought may be over soon. FCC filings for the Movado Connect 2.0 have surfaced, and they paint a picture of a high-spec smartwatch.