Article 6RJWV Turns out Redbox's derelict kiosks are a big red security risk

Turns out Redbox's derelict kiosks are a big red security risk

by
Danny Gallagher
from Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics on (#6RJWV)

It's only been three months since the implosion of Redbox, but the company's familiar red kiosks could become a security nightmare as they're sold to the highest bidders.

Gizmodo reports at least one owner of a defunct DVD and Blu-ray dispenser found a way to obtain customers' private information from an encrypted file on the machine, which contained more than just one person's penchant for the Trolls franchise. The database also contained sensitive data like personal emails and home addresses.

On Mastodon, programmer Foone Turing, a self-described collector of weird things, said she cracked the encrypted files from a Redbox machine and matched the information she found to a real person.

The file she obtained came from a Redbox machine that had operated in Morganton, North Carolina. The information she pulled from the file showed a customer's name, ZIP code and usage history. If you're curious, they rented a copy of The Giver and The Maze Runner. I'll bet that person is thankful they decided not to take out a copy of Disney's Lone Ranger reboot.

Turing told Lowpassshe was even able to obtain part of some customers' credit card information. Even though there wasn't an entire log, she noticed it still had the first six and the last 4 [digits] of each credit card used, plus some lower-level transaction details."

It also didn't take a lot of hacking know-how to crack the machines. The code Redbox used to program the machines is the kind of code you get when hire 20 new grads who technically know C# but none of them has [sic] written any software before," Turing wrote on Mastodon.

Now here's the kicker. It's clear that Redbox's parent company, Chicken Soup for the Soul, didn't do a great job of wiping the machines before selling them off like old shoes at a garage sale. There are over 24,000 kiosks and some people are even buying them from the store and taking the things home. Suddenly, paying a couple of extra bucks for Netflix doesn't sound as bad right now.

We've reached out to Chicken Soup for the Soul for comment.

This article originally appeared on Engadget at https://www.engadget.com/entertainment/tv-movies/turns-out-redboxs-derelict-kiosks-are-a-big-red-security-risk-192246034.html?src=rss
External Content
Source RSS or Atom Feed
Feed Location https://www.engadget.com/rss.xml
Feed Title Engadget is a web magazine with obsessive daily coverage of everything new in gadgets and consumer electronics
Feed Link https://www.engadget.com/
Feed Copyright copyright Yahoo 2024
Reply 0 comments