IEEE Mistake Exposes Tens of Thousands of Member Names and Passwords
September 26, 2012 9:12 AM
comment(s) - last by
No public acknowledgment of the leak offered
The Institute of Electrical and Electronics Engineers (IEEE) reportedly made a massive mistake that left nearly 100,000 usernames and passwords of members of the organization exposed on a public server. A plain text list of username and password combinations was publicly available on a FTP server for over a month before being discovered. The plain text list was discovered last week by teaching assistant in the computer science department at the University of Copenhagen.
Considering the huge number of technology experts who are members of the IEEE and who work for the organization, this is a massive and hugely embarrassing security fault. The usernames and passwords of members weren't the only pieces of information exposed on the publicly accessible FTP site. In addition, over 100 GB of Web server log files from ieee.org and spectrum.ieee.org were publicly available because server administrators hadn't set access controls.
Those logs reportedly showed 376 million HTTP requests and 411,308 of those included both usernames and passwords.
reports that most of the compromised accounts belonged to employees at Apple, Google, IBM, Oracle, and Samsung. However, some of the user names and passwords exposed also belong to researchers from NASA, Stanford University, and other universities and organizations.
reports that the IEEE has yet to publicly admit the data was leaked and hasn't been returning calls for comment. Teaching assistant Radu Dragusin said, "One simple and stupid mistake: public access to logs. The other, more troublesome, keeping passwords in plain text, which seems to be more on how they architect their login system." He also noted that, "While the first issue [log files] is clearly solved, I doubt the second is."
This article is over a month old, voting and posting comments is disabled
9/26/2012 2:43:35 PM
meh. It sickens me that large organizations have such poor security.
"Let's face it, we're not changing the world. We're building a product that helps people buy more crap - and watch porn." -- Seagate CEO Bill Watkins
Not All the High-Tech Jobs Are in California
August 4, 2016, 8:29 PM
Google's Gleaming Glass HQ Gets Mountain View Snub, LinkedIn Gets the Love
May 7, 2015, 6:58 AM
Tech's Tax Day Fortunate Few: Qualcomm, Xerox, GE, et al. Pay Little or No Taxes
April 15, 2015, 11:30 AM
LinkNYC Terminals to Blanket New York City With Free WiFi, Free Calls, and Ads
November 17, 2014, 6:50 PM
Microsoft is Open-Sourcing Most of .NET, Adding OS X and Linux Support
November 12, 2014, 8:27 PM
Home Depot Lost 53 Million Emails, Blames Windows, Buys Execs New Macs
November 9, 2014, 5:00 PM
Most Popular Articles
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM
FDA Cleared, Shockwave Lithoplasty for Peripheral Vascular Disease
September 22, 2016, 5:45 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
Are you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Smartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
Latest Blog Posts
Burlington Gun Attack
Sep 27, 2016, 5:00 AM
Who is in Risk of Getting Oral Cancer?
Sep 23, 2016, 6:02 AM
France Bans Plastic Eating Utensils in Restaurants
Sep 18, 2016, 10:49 AM
Progress Against Acute Myeloid Leukemia
Sep 17, 2016, 5:30 AM
Apple Watch Series 2 - Number 1 in the Customer Satisfaction.
Sep 7, 2016, 6:19 PM
More Blog Posts
Copyright 2016 DailyTech LLC. -
Terms, Conditions & Privacy Information