2010 Bug Wreaks Havoc In Germany

The New Acunetix V12 Engine


This was pretty unexpected for most people, the Y2K bug was so over-hyped then nothing really happened. Then suddenly 2010 comes and everything goes haywire!

The first big news that struck was Spam Assassin which included all versions of cPanel, it started rejected almost all e-mails due to a bug in the spam detection rules with the 2010 date.

After that Symantec’s Endpoint Protection Manager caused a storm and a bunch of other stopped working, stopped updating or started acting weirdly.

A delayed Y2K bug has bitten hard at some 30 million holders of German debit and credit cards, making it impossible for them to use automatic teller machines and point-of-sale terminals since New Year’s Day.

Multiple news agencies said the outage stemmed from card chips that couldn’t recognize the year 2010. The DSGV, an association representing German banks, said engineers were working diligently to fix the problem, but a full resolution might not come until Monday.

The outage affected 20 million EC, or electronic cash, cards, which act as debit cards, and 3.5 million credit cards, according to the DSGV. A separate bank association known as BDB said about 2.5 million of its cards suffered from the same problem and another 4 million cards issued by Germany’s cooperative banks were at least partially touched.

The latest big news to hit is pretty huge, 30 million German customers are unable to use their debit or credit cars as the chips couldn’t process the 2010 date.

This is pretty serious as it needs a physical card replacement so could be very costly and time consuming for the banks involved.

It’ll be interesting to see what kind of solution they can come up with.

The reports are the latest to involve the inability of computers to properly handle the 2010 date. Just after midnight on New Year’s Day, Symantec’s Endpoint Protection Manager stopped accepting updates after it was hit by its own 2010 date bug. Soon after the first of the year, SpamAssassin began blocking huge amounts of legitimate email because they included the 2010 in their headers, a date so far off the spam filter assumed they had to be junk.

Kaspersky software also experienced massive update problems on December 30, according to support forums, but it’s not clear the new year had anything to do with them.

The German payment card snafu hit a variety of banks, although customers of Deutsche Bank reportedly were not affected. More from the AFP and Dow Jones is here and here.

I wonder how many other pieces of software are currently malfunctioning but no-one knows about it, I hope my banks accounting software has screwed up and it’s crediting me with 500% daily interest!

I’m sure there are plenty of other cases too that haven’t been reported (or at least not reported yet).

We’ll have to wait and see how widespread this 2010 bug really is.

Source: The Register

Posted in: Secure Coding


Latest Posts:


Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.


4 Responses to 2010 Bug Wreaks Havoc In Germany

  1. Steve January 6, 2010 at 10:18 am #

    Looks like some Australian services were affected by something similar.

    2016 glitch at Bankwest too

  2. Jigoku969 January 6, 2010 at 10:50 am #

    yea this thing is really annoying, my credit card isn’t working , too:-(

  3. cbrp1r8 January 6, 2010 at 6:52 pm #

    “I hope my banks accounting software has screwed up and it

  4. Sebastian January 6, 2010 at 7:24 pm #

    There is a workaround. You can place a little cellotape on the chip, this will force most card readers to fallback on the magnetic strip. The magnetic strip is very insecure though!