Study finds bank sites vulnerable

More than three-fourths of bank websites have flaws that can allow hackers to easily gain access to customers’ personal information, according to a University of Michigan study released Wednesday.

From information gathered at 214 websites in 2006, researchers found sites that put log-in boxes and contact information on insecure pages, required only e-mail addresses and short passwords for identification and sent statements and passwords via unsecured e-mail.

The study will be presented at a symposium on privacy Friday at Carnegie Mellon University in Pittsburgh.

“To the credit of some of these institutions, some of the changes at their websites since we originally collected the data have been in the right direction,” said professor Atul Prakash, who oversaw the study.