Newsletter IconFacebook IconX IconThreads IconInstagram IconYouTube IconPinterest Icon
Giveaway: Win an NZXT H6 RGB+ Case, Kraken Elite AIO, RGB Fans and 1200W PSU

College students discover security flaw that could let millions do laundry for free

Two college students discovered a security flaw in internet-connected washing machines, leading to an exploitable vulnerability for millions of machines.

College students discover security flaw that could let millions do laundry for free
Tech and Science Editor
Published
Updated
1-minute read time
Voice: Jak Connor
0:00 / --:--
Use left and right arrow keys to seek audio.

Two college students discovered a security exploit within the API of a washing machine that is currently in use across several countries.

College students discover security flaw that could let millions do laundry for free 156561615

Alexander Sherbrooke and Iakov Taranenko discovered the security flaw within the API created by the company behind the washing machines, CSC ServiceWorks. The two students claim the vulnerability within the internet-connected API enabled them to remotely turn a machine on without payment, and update their laundry account to display millions of dollars. Reports indicate that CSC ServiceWorks has more than a million machines across college campuses, housing communities, and laundromats in the US, Canada, and Europe.

The two college students contacted CSC ServiceWorks about the security flaw and didn't receive a response from the company, but noticed shortly after their laundry account balance was changed from millions of dollars back to $0. The two students spoke to The Verge and said the lack of response from CSC ServiceWorks led them to tell other people about the vulnerability, which resulted in the posting of the list of commands that enables anyone to access CSC's network-connected laundry machines.

With the method of connecting to the laundry machines now public it will likely be very soon the vulnerability will get fixed. This is a solid reminder to any businesses they are network-connected to make sure your cybersecurity is up to date, and if anyone is genuinely trying to contact you regarding your network security (obviously avoid scammers), it's worth lending an ear to them.

Photo of the $10 -PlayStation Store Gift Card [Digital Code]

Best Deals: $10 -PlayStation Store Gift Card [Digital Code]

* Prices may be inaccurate. As an Amazon Associate, we earn from qualifying purchases. We earn affiliate commission from any Newegg or PCCG sales.

News Sources:theverge.com and web.archive.org

Comments (1)

Tech and Science Editor

Email IconX IconLinkedIn Icon

Jak joined TweakTown in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science, space, and artificial intelligence news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms.

Stay Updated

Follow TweakTown for breaking tech news, reviews, and daily updates.

Add TweakTown as a preferred source on GoogleFind TweakTown on Apple News
Newsletter Subscription