Online financial firm hacked

Financial software and services company S1 confirms an attacker gained access to one of the company's servers.

Online financial services provider S1 acknowledged Friday that it suffered an electronic break-in last month, when an unknown attacker exploited a security flaw to access one of the company's servers.

While he would not discuss details of the intrusion, Paul Citarella, vice president of marketing for the Atlanta-based company, said that the attack did not affect the company's operations.

"A minor incident did occur where someone leveraged a vulnerability in third-party software to access data that they should not have," he said. "All of our banks are up and running and there has been no fraud following the incident."

The company provides software and services for financial institutions ranging in size from the goliath Bank of America to small community banks. In total, S1 has more than 1,000 customers worldwide, according to its Web site.

Citarella added that S1 has called in both the FBI and an independent security firm to investigate the matter. But a representative of the FBI field office in Atlanta said that they were not aware of the incident and were not investigating.

Details of the intrusion were first reported on security Web site SecurityFocus.

The attackers had access to a Windows NT directory that houses Web banking customers' login names and encrypted passwords, the report stated. Using "brute force" decryption techniques, a hacker could decrypt the passwords and compromise accounts.

The incident took place on June 19, according to the SecurityFocus report. Citarella would not confirm the date.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Acer introduces a stackable, modular PC

Acer intros a modular PC; the PS4's next update is a big one; why renting cable boxes is crazy; and Google's war on full-screen mobile ads.

by Jeff Bakalar