Recently two 14 year old boys in Canada were able to locate online an operator’s manual for ATMs. Matthew Hewlett and Caleb Turon then decided to try out the instructions to see if they could get access to an ATM. They went to an ATM at a local super market and were surprised to find that the operator’s manual gave them all of the information they needed to reprogram the ATM with the exception of the password for the ATM, which they managed to guess on their first try by using 000000 which is a common default setting for many ATMs. The boys did not exploit the lax security of the Bank of Montreal ATM they hacked, but rather reported it to the bank. The boys did the hacking on their lunch hour and were late returning to school, however Bank of Montreal officials wrote them a letter on bank stationary requesting that their tardiness returning to school for afternoon classes be excused. The bank should have paid them a reward for exposing their lax security.
Too many companies and people still use the default passwords on many of their devices. This should be a good wake up call to everyone that it is important to have a different, complex password for all of your electronic devices.