A Nebraska woman allegedly found a lucrative quirk at a gas station pump — double-swipe the rewards card and get free gas!
Unfortunately for her, you can’t do that, prosecutors said. The 45-year-old woman was arrested March 6 and faces felony theft charges accusing her of a crime that cost the gas station nearly $28,000.
Prosecutors say the woman exploited the system over a period of several months. Police learned of the problem in October when the loss-prevention manager at Bosselman Enterprises reported that the company’s Pump & Pantry in Lincoln had been scammed.
What about the reverse? Exploiting a security vulnerability and getting access to sensitive data that you then use for financial gain shouldn’t be a crime? Going into a house with poor quality locks and stealing things?
I’m not trying to side with big corporations here but I think you’re getting the precedent issue the wrong way around. If the actions of that person weren’t a crime, it’d be a bigger problem.
The underlying issue, that people are pushed into theft out of desperation, is far worse. I make no moral judgement of this person because I don’t know their circumstances. But I don’t think whether it is a crime or not can really be debated.
The action in question is double tapping a rewards card, at some point a security vulnerability is so bad it is negligent. I find it odd that no one is pointing out she followed the prompts on the screen when making these analogies. A better example would be having a site show you sensitive data (like say the fallout 76 bag scandal, or the sony one) and then claiming the fault is solely on the person who saw the data. I can see other charges then theft maybe, but the liability here can not just be on the person.
We are currently debating whether or not a crime has been committed so, yes it can.
She didn’t just double tap the card, she knowingly put it into demo mode. At that point you’ve gone beyond ‘oops, mistake’ territory into ‘actively screwing with the system’. On top of that, she was doing it for a profit.