2010 Bug Wreaks Havoc In Germany

This was pretty unexpected for most people, the Y2K bug was so over-hyped then nothing really happened. Then suddenly 2010 comes and everything goes haywire!

The first big news that struck was Spam Assassin which included all versions of cPanel, it started rejected almost all e-mails due to a bug in the spam detection rules with the 2010 date.

After that Symantec’s Endpoint Protection Manager caused a storm and a bunch of other stopped working, stopped updating or started acting weirdly.

A delayed Y2K bug has bitten hard at some 30 million holders of German debit and credit cards, making it impossible for them to use automatic teller machines and point-of-sale terminals since New Year’s Day.

Multiple news agencies said the outage stemmed from card chips that couldn’t recognize the year 2010. The DSGV, an association representing German banks, said engineers were working diligently to fix the problem, but a full resolution might not come until Monday.

The outage affected 20 million EC, or electronic cash, cards, which act as debit cards, and 3.5 million credit cards, according to the DSGV. A separate bank association known as BDB said about 2.5 million of its cards suffered from the same problem and another 4 million cards issued by Germany’s cooperative banks were at least partially touched.

The latest big news to hit is pretty huge, 30 million German customers are unable to use their debit or credit cars as the chips couldn’t process the 2010 date.

This is pretty serious as it needs a physical card replacement so could be very costly and time consuming for the banks involved.

It’ll be interesting to see what kind of solution they can come up with.

The reports are the latest to involve the inability of computers to properly handle the 2010 date. Just after midnight on New Year’s Day, Symantec’s Endpoint Protection Manager stopped accepting updates after it was hit by its own 2010 date bug. Soon after the first of the year, SpamAssassin began blocking huge amounts of legitimate email because they included the 2010 in their headers, a date so far off the spam filter assumed they had to be junk.

Kaspersky software also experienced massive update problems on December 30, according to support forums, but it’s not clear the new year had anything to do with them.

The German payment card snafu hit a variety of banks, although customers of Deutsche Bank reportedly were not affected. More from the AFP and Dow Jones is here and here.

I wonder how many other pieces of software are currently malfunctioning but no-one knows about it, I hope my banks accounting software has screwed up and it’s crediting me with 500% daily interest!

I’m sure there are plenty of other cases too that haven’t been reported (or at least not reported yet).

We’ll have to wait and see how widespread this 2010 bug really is.

Source: The Register

Posted in: Secure Coding

Latest Posts:

SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.

4 Responses to 2010 Bug Wreaks Havoc In Germany

  1. Steve January 6, 2010 at 10:18 am #

    Looks like some Australian services were affected by something similar.

    2016 glitch at Bankwest too

  2. Jigoku969 January 6, 2010 at 10:50 am #

    yea this thing is really annoying, my credit card isn’t working , too:-(

  3. cbrp1r8 January 6, 2010 at 6:52 pm #

    “I hope my banks accounting software has screwed up and it

  4. Sebastian January 6, 2010 at 7:24 pm #

    There is a workaround. You can place a little cellotape on the chip, this will force most card readers to fallback on the magnetic strip. The magnetic strip is very insecure though!