If You Own An ATM, You Probably Want To Change The Default Password
from the 123456-really-isn't-very-secure dept
Nearly two years ago, we posted a story about how easy it was to find the user manuals for certain automatic teller machines online, and then use the default passwords listed in them to reprogram the machines so they'd give out $20 bills when they thought they were giving out $5s or $1s. The fix for this was easy -- change the default passcode -- but apparently it wasn't hard to find machines whose owners' hadn't changed them. Somehow, it really isn't too surprising to find out that, despite the publicity, some ATM owners still haven't bothered to change them, and are getting hit by the same scam. The owner of the machine in question this time, at a market in Pennsylvania, says that he was never told he needed to change the master passcode from "123456", and says it's not his job to know the technical ins and outs of the ATM he owns (despite, of course, owning it and the money inside); the ATM's manufacturer disagrees. As is the case with most things, there's probably enough blame to go around here. So, to the ATM company: it might be a good idea to reinforce the need for owners to change their machines' passwords. And ATM owners: change the default passwords.