Fiserv

Fiserv, Inc.'s web platform exposed personal and financial details of countless customers across hundreds of bank Web sites.

Customer’s email address, phone number and full bank account number was accessible and editable.

A cyber criminal could abuse this access to enumerate all other accounts with activity alerts on file, and to add or delete phone numbers or email addresses to receive alerts about account transactions.

Source: https://krebsonsecurity.com/2018/08/fiserv-flaw-exposed-customer-data-at-hundreds-of-banks/

"id": "FIS01771122",
"linkid": "fiserv",
"type": "Data Leak",
"date": "08/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"