Payments startup PAAY exposed almost 2.5 mln credit card data

Thursday 23 April 2020 12:07 CET | News

A massive database that belongs to PAAY, storing millions of credit card transactions, has been secured after spending close to three weeks exposed publicly to the internet.

PAAY is a card payments processor based in US, and it verifies payments on behalf of selling merchants, like online stores and other businesses, to prevent fraudulent transactions.

TechCrunch was told that there were estimated about 2.5 million card transaction records in the database. PAAY said that an error was made that left that database exposed without a password. Moreover, the database contained daily records of card transactions dating back to 1 September 2019 from a number of merchants. Each transaction contained the full plaintext credit card number, expiry date, and the amount spent, as well as a partially masked copy of each credit card number. The data did not include cardholder names or card verification values, making it more difficult to use the credit card for fraud.

More: Link

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: US, payments , startup, credit cards, data, personal information, card verification, merchants, fraud, breach, transactions , data exposure, passwords
Categories: Fraud & Financial Crime
Countries: United States
This article is part of category

Fraud & Financial Crime