Old Redbox Kiosks Hacked to Expose Customers’ Private Details

 

DVD Rental Service Redbox may be a thing of the past, but the data privacy issues it created for users may persist for some time. Redbox allows users to rent DVDs from its 24,000 autonomous kiosks throughout the United States. Its parent company, Chicken Soup for the Soul, declared bankruptcy in July 2024, after the emergence of streaming platforms such as Netflix and Prime Video decimated the DVD rental market. 

According to Ars Technica, one programmer reverse-engineered the hard drive of an old Redbox Kiosk and recovered users’ names, emails, and rental histories from about a decade ago. In certain cases, Foone Turing, a California-based programmer, discovered parts of users’ credit card data stored on hard drives, such as the first six and last four numbers of the credit card used, as well as transaction history. 

Turing stated in a social media post that she tracked down a film fan from Morganton, North Carolina, who supposedly rented The Giver and The Maze Runner in 2015. According to her, “anyone with basic hacking skills could easily pull data manually out of the files with a hex editor,” completing: “This is the kind of code you get when you hire 20 new grads who technically know C# but none of them have written any software before.”
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: