In August 2018, Brian Krebs investigated into Fiserv's security and privacy  flaws and uncovered authentication weakness allowing bank customers to view account data for other customers, including account number, balance, phone numbers and email addresses. 

Fast forward to just a few days ago, Bessemer Systems Federal Credit Union sued Fiserve, saying it was moved by Kreb's findings and decided to launch its own investigation. The result into Fiserv’s systems uncovered a startlingly simple flaw: Firsev’s platform would let anyone reset the online banking password for a customer just by knowing their account number and the last four digits of their Social Security number.

Read KrebsOnSecurity's deep dive into the events that led up to this lawsuit.