Published in News

Hungarian company arranges arrest of helpful teen

by on24 July 2017


Causes PR meltdown

Budapest's public transportation authority is suffering from the PR format of arranging for the arrest of an 18 year-old who found an obvious security hole in its website. 

According to Bleeping Computer, the young man discovered that he could access BKK's website, by pressing F12 to enter the browser's developer tools mode, and modifying the page's source code to alter a ticket's price.

The teenager reported the issue to BKK, but rather than thanking him the outfit called the cops and filed a complaint accusing the young man of hacking their systems. They then made the matter worse by calling up the media and claiming that they had caught “a hacker” but their systems were so secure that it caught him in the act.  If your security system depends on the hacker ringing you up and telling you you have a security hole then we guess BKK had the ultimate security system.

Coppers dragged the kid out of bed at midnight. When news leaked out it was revealed that the site’s security really was pants and it drew attention to BKK and its manager Kálmán Dabóczi.

Dr Daboczi Kalman

People started asking questions as to why Dabóczi was paying around $1 million per year for maintenance of its IT systems, when it was so vulnerable to hacking in such a ludicrously simple manner.

Apparently the beneficiary of this contract is a local company called T-Systems, which ironically sponsored an "ethical hacking" contest.

Talking to Hungarian press, the young hacker said he only had the best intentions when he reported the issue to BKK and said he hopes the organization withdraws its criminal report. More than 45,000 users have left one-star reviews on a company's Facebook page.

International users started leaving their own thoughts on BKK's page after the incident become a trending topic on Reddit.

Last modified on 24 July 2017
Rate this item
(0 votes)

Read more about: