this post was submitted on 20 Aug 2024
23 points (100.0% liked)

Technology

1564 readers
226 users here now

Which posts fit here?

Anything that is at least tangentially connected to the technology, social media platforms, informational technologies and tech policy.

Rules

1. English onlyTitle and associated content has to be in English.
2. Use original linkPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communicationAll communication has to be respectful of differing opinions, viewpoints, and experiences.
4. InclusivityEveryone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacksAny kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangentsStay on topic. Keep it relevant.
7. Instance rules may applyIf something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.

Companion communities

[email protected]
[email protected]

Icon attribution | Banner attribution

founded 1 year ago
MODERATORS
[email protected]
23
National Public Data Published Its Own Passwords (krebsonsecurity.com)
submitted 4 months ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
 

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its homepage until today.

top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 13 points 4 months ago (1 children)

And that's why privacy people are against age verification and other verification methods that store your personal data. Idiots like this or underpaid government employees are unqualified to protect it. And they can't leak what they don't have.

[–] sfxrlz 4 points 4 months ago

There’s a book I really like in which they have to kiss their devices since all other used biometrics are already publicly available… through breaches.

[–] [email protected] 10 points 4 months ago* (last edited 4 months ago)

inadvertently published the passwords to its back-end database

I hate this use of the word "inadvertently". It's meant to describe a situation where someone who has caused harm could not have reasonably known the consequence of his actions. For example, parents who fed their children tainted apple sauce inadvertently poisoned their children. In theory they could have done their own chemical analysis, but it's not reasonable to personally test all food for lead.

This password was not published "inadvertently". The company could have and should have avoided doing so. The right word is "carelessly". They deserve blame.

(If you want to avoid making the company angry at you then at least say "accidentally" and leave the question of blame unanswered.)