Mastercard's Five-Year-Old DNS Error
2025-01-22
A security researcher, Philippe Caturegli, uncovered a nearly five-year-old error in Mastercard's domain name server settings. This misconfiguration could have allowed anyone to intercept or divert internet traffic for the company by registering an unused domain name. Caturegli spent $300 to register the domain 'akam.ne' to prevent its exploitation by cybercriminals. Mastercard acknowledged the mistake but claimed no real security risk existed. The incident highlights the potential for significant vulnerabilities in even large organizations' DNS configurations.