CIMB Clicks Facing Major Security Flaws – UPDATED With Statement from CIMB Bank
CIMB Clicks Facing Major Security Flaws [UPDATE 3.30PM 17th December 2018]
For security purpose, if suspicious activity is detected, customer will be prompted to for reCAPTCHA validation. Once the customer validated successfully, customer can proceed to login to CIMB Clicks. Thank you. (2/2)
— CIMBMalaysia (@CIMBMalaysia) December 16, 2018
If you’re a CIMB account holder / user, then this is definitely something you need to take note of. It appears that CIMB Clicks is currently facing some issues due to major security flaws in the system.
To be precise, it appears that some CIMB Clicks users have managed to log in to their account despite using the wrong password. This is of course a very serious matter, especially for online banking, as it would seem like virtually anyone is able to access your accounts.
Users have started to report on the matter when they noticed the appearance of “ReCaptcha” on the CIMB Clicks website. This can be seen as an indication that the website is currently seeing a lot of bots coming in.
Despite that, CIMB has assured that it is only an added security measure. They mentioned that if suspicious activity has been detected, users will be prompted for the ReCaptcha validation, and upon successful validation, they will be able to access their accounts without any problems. Aside from this, CIMB has yet to make an official statement on the matter.
CIMB Bank Official Statement
The folks over at CIMB Bank has given us their official statement on the matter. To avoid any potential misunderstandings, we will include the statement in its whole, right below here:
CIMB Bank Berhad (“CIMB” or “the Bank”) would like to address recent social media news on the alleged insecurity of its online banking portal, CIMBClicks. Please take note that our CIMBClicks system remains secure and all customers’ transactions continue to be protected.
The bank would like to inform that it had, over the weekend, introduced a few additional measures to enhance the security of its CIMBClicks transactions. Apart from ensuring that the system is now able to accommodate passwords longer than eight (8) characters and up to 20 characters, we have also added the reCaptcha security measure on CIMBClicks to ensure the user is not a bot.
And there you have it. If you are facing problems on your end such as mysterious charges or other matters, do contact them as soon as possible.
Pokdepinion: Some people are advising to not go and login to your CIMB Clicks account for now. I’m not a user myself but it sounds like a better safe than sorry situation for now so just keep your eyes and ears peeled.