How I Hacked into a Bank

In the early days of online banking, it wasn’t done through the internet. It was done though dial-up networking. There were very few banks willing to try online banking because it was expensive to implement, fraught with risks, and the demand for this capability was in its infancy.

One bank in Texas decided to launch online banking. They had a decent product that you would dial into where you could setup payees, write checks that they would print and mail for you, and do some account transfers, etc. They had a bank of modems you could dial into to access this system.

I was one of the first users of this system and was very excited to see this new technology. I really wanted it to be successful. If someone were able to do any serious damage, it could result in the passing of laws forbidding online banking. So I wanted to know for sure that it was safe. I took it on myself to do some testing.

In the end, I found a way to bypass their security system and I could get into any account on their system. In fact, it was easy to do and I could go into anyone’s account and write checks to myself if i wanted to. Of course I would get caught if I did, but I wasn’t interested in stealing.

Once I figured out the exact problem, I contacted the bank and had them get the programmer to call me. The programmer called me and I explained the precise weakness in their software and how to fix it. She did that and online banking was secure from that point forward. Great.

She wrote me a nice letter of commendation that I kept for a few years. But that document was lost. Unfortunate for me because it meant a lot to me. This is my favorite white-hack hacking example. It was on old-school penetration testing attack. I’m just glad they took my advice and fixed the problem instead of coming after me for exploiting their server.