A Nebraska woman allegedly found a lucrative quirk at a gas station pump — double-swipe the rewards card and get free gas!
Unfortunately for her, you can’t do that, prosecutors said. The 45-year-old woman was arrested March 6 and faces felony theft charges accusing her of a crime that cost the gas station nearly $28,000.
Prosecutors say the woman exploited the system over a period of several months. Police learned of the problem in October when the loss-prevention manager at Bosselman Enterprises reported that the company’s Pump & Pantry in Lincoln had been scammed.
The action in question is double tapping a rewards card, at some point a security vulnerability is so bad it is negligent. I find it odd that no one is pointing out she followed the prompts on the screen when making these analogies. A better example would be having a site show you sensitive data (like say the fallout 76 bag scandal, or the sony one) and then claiming the fault is solely on the person who saw the data. I can see other charges then theft maybe, but the liability here can not just be on the person.
We are currently debating whether or not a crime has been committed so, yes it can.
She didn’t just double tap the card, she knowingly put it into demo mode. At that point you’ve gone beyond ‘oops, mistake’ territory into ‘actively screwing with the system’. On top of that, she was doing it for a profit.