SoylentNews is people
SoylentNews is powered by your submissions, so send in your scoop. Only 17 submissions in the queue.
SoylentNews
The third largest breach ever just happened in Finland. Passwords were stored in plaintext. At T-Mobile Austria, they explain that of course they store the password in plaintext, but they have so good security so it's nothing to worry about. At what point does this become criminally negligent?
This discussion has been archived.
No new comments can be posted.
At What Point Does Storing Passwords in Plaintext Become Criminally Negligent
|
Log In/Create an Account
| Top
| 138 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
The last time I saw him he was walking down Lover's Lane holding his own hand.
-- Fred Allen
(Score: 3, Informative) by Knowledge Troll on Sunday April 08 2018, @03:09PM (2 children)
T-Mobile wasn't breached - at least not that they are reporting.
(Score: 0) by Anonymous Coward on Sunday April 08 2018, @03:21PM
Ah, right, the breach was in Finland, and the statement was from T-Mobile Austria. My bad. That means that the "explanation" is just terminally stupid, not clinically insane.
(Score: 0) by Anonymous Coward on Sunday April 08 2018, @06:00PM
Someone found and PoC'd an XSS on their website on Friday night. It was also reported they are running comically old versions of the Linux kernel, PHP, and Apache. I suspect their database is already floating around on at least one invite only "dark" web forum. I'm thinking some time late next week it'll hit the mainstream network news.
In other news, if you're still sharing passwords between websites, now would be a very good time to rethink that practice while you're changing your passwords again.