At that point, the hacker said, they requested the user credentials by sending the ID to the company servers with a web request that returned usernames and passwords in plaintext. With a script to automate that process, L.M. said he harvested all the customers’ credentials.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s