PT-2021-24420 · Unknown · Moov-Io/Customers
Published: 2021-05-24 · Updated: 2021-05-24
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
moov-io/customers (affected versions not specified)
Description:
Account numbers are hashed without a salt, which makes the resulting hashes susceptible to rainbow table attacks. The expected behavior is to include a salt, such as a random number from the configuration, in the hash generation process. This could be achieved by generating a salt per tenant or organization.
Recommendations:
For moov-io/customers, consider implementing a salt generation mechanism, such as generating a salt per tenant or organization, to enhance the security of account number hashing. As a temporary workaround, consider modifying the hash.AccountNumber function to include a salt value until a more robust solution is implemented.
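The difference between an unsalted digest and a per-tenant salted one, as an added example that is not code from moov-io/customers. The function names, the use of SHA-256 for the unsalted case, and HMAC-SHA256 as the way to mix in the salt are assumptions made for illustration; the salts and account number are constructed sample values.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// UnsaltedAccountNumber is an assumed stand-in for the behaviour the advisory
// describes: a plain digest, identical for the same number in every tenant,
// so one precomputed table covers all of them.
func UnsaltedAccountNumber(num string) string {
	sum := sha256.Sum256([]byte(num))
	return hex.EncodeToString(sum[:])
}

// SaltedAccountNumber mixes a per-tenant salt into the digest with HMAC-SHA256
// (our choice of construction, not taken from the project). The output stays
// deterministic within one tenant, so lookups by hash keep working.
// Account numbers are short, so the salt should be stored like a secret key.
func SaltedAccountNumber(tenantSalt []byte, num string) (string, error) {
	if len(tenantSalt) < 16 {
		return "", errors.New("tenant salt must be at least 16 bytes")
	}
	if num == "" {
		return "", errors.New("empty account number")
	}
	mac := hmac.New(sha256.New, tenantSalt)
	mac.Write([]byte(num))
	return hex.EncodeToString(mac.Sum(nil)), nil
}

func main() {
	// Constructed sample values; real salts would come from crypto/rand,
	// generated once per tenant or organization.
	saltA := []byte("tenant-A-constructed-salt-000001")
	saltB := []byte("tenant-B-constructed-salt-000002")
	acct := "123456789"

	fmt.Println("unsalted:", UnsaltedAccountNumber(acct))
	a, _ := SaltedAccountNumber(saltA, acct)
	b, _ := SaltedAccountNumber(saltB, acct)
	fmt.Println("tenant A:", a)
	fmt.Println("tenant B:", b)
}
```

Hashes stored before a salt is introduced have to be recomputed from the original account numbers, since a digest cannot be re-salted after the fact.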
Affected Products
Moov-Io/Customers