backtop


Print

No public acknowledgment of the leak offered

The Institute of Electrical and Electronics Engineers (IEEE) reportedly made a massive mistake that left nearly 100,000 usernames and passwords of members of the organization exposed on a public server. A plain text list of username and password combinations was publicly available on a FTP server for over a month before being discovered. The plain text list was discovered last week by teaching assistant in the computer science department at the University of Copenhagen. 
 
Considering the huge number of technology experts who are members of the IEEE and who work for the organization, this is a massive and hugely embarrassing security fault. The usernames and passwords of members weren't the only pieces of information exposed on the publicly accessible FTP site. In addition, over 100 GB of Web server log files from ieee.org and spectrum.ieee.org were publicly available because server administrators hadn't set access controls.
 
Those logs reportedly showed 376 million HTTP requests and 411,308 of those included both usernames and passwords. ZDNet reports that most of the compromised accounts belonged to employees at Apple, Google, IBM, Oracle, and Samsung. However, some of the user names and passwords exposed also belong to researchers from NASA, Stanford University, and other universities and organizations.
 
ZDNet reports that the IEEE has yet to publicly admit the data was leaked and hasn't been returning calls for comment. Teaching assistant Radu Dragusin said, "One simple and stupid mistake: public access to logs. The other, more troublesome, keeping passwords in plain text, which seems to be more on how they architect their login system." He also noted that, "While the first issue [log files] is clearly solved, I doubt the second is."

Source: ZDNet





"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot



Most Popular ArticlesSuper Hi- Vision Will Amaze the World
January 16, 2017, 9:53 AM
Samsung Chromebook Plus – Coming in February 2017
January 17, 2017, 12:01 AM
Samsung 2017 Handset’s Updates
January 17, 2017, 12:01 AM
Comparison – Surface Pro VS Tbook X5 Pro
January 21, 2017, 7:00 AM
Comparison – iPad Mini Vs Huawei MediaPad M3
January 19, 2017, 2:08 AM

Latest Blog Posts
Some new News
Saimin Nidarson - Jan 23, 2017, 8:59 AM
What is new?
Saimin Nidarson - Jan 22, 2017, 7:00 AM
News
Saimin Nidarson - Jan 20, 2017, 7:00 AM
News of the World
Saimin Nidarson - Jan 19, 2017, 7:00 AM
Some tips
Saimin Nidarson - Jan 17, 2017, 12:16 AM
News of the Day
DailyTech Staff - Jan 16, 2017, 12:10 PM
Tech News
Saimin Nidarson - Jan 15, 2017, 12:32 AM
Here is Some News
Saimin Nidarson - Jan 14, 2017, 12:39 AM
News around the world
Saimin Nidarson - Jan 12, 2017, 12:01 AM
Rumors and Announcements
Saimin Nidarson - Jan 11, 2017, 12:01 AM
Some news of Day
Saimin Nidarson - Jan 7, 2017, 12:01 AM
News 2017 CES
Saimin Nidarson - Jan 6, 2017, 12:01 AM






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki