passwords

Fri
11
Oct
John Lister's picture

Facebook Fined for Password Failure

Facebook's parent company has been fined the equivalent of $100 million for storing user passwords in plain text. Failing to encrypt the passwords breached Europe's General Data Protection Regulation (GDPR). Meta, which runs Facebook and Instagram, ... broke the rules despite there being no evidence that anyone accessed the passwords without authorization or that anyone was then able to access accounts. Delay In Coming Clean The company was found to have breached the GDPR on four counts. Two involved failing to adequately secure personal data, one involved not properly documenting these failures ... (view more)

Wed
28
Aug
John Lister's picture

Ransomware Turns to Triple Threat

A notorious ransomware group has engaged in a "triple threat" attack. As well as locking files and threatening to expose data, the Qilin group has been spotted trying to steal saved passwords from Chrome. The Qilin group appears to have been ... operating for at least two years but came to wider attention in 2022 when it attacked British hospitals. The group's origins and membership aren't known for certain, but it has communicated in Russian. As is becoming more common, Qilin doesn't simply restrict itself to encrypting files and systems and then demanding a ransom payment to restore access. It ... (view more)

Tue
23
Jul
John Lister's picture

10 Billion Password Leak Not What It Seems

Reports that hackers have got their hands on 10 billion passwords have been slightly overblown. The file includes passwords up to 20 years old and many may never have been used at all. The "leak" involves an online post of a text file dubbed ... "RockYou 2024" which is said to contain 9,948,575,739 unique passwords, all stored in plain text. It appears to be an update from a similar file published in 2021, with "only" 1.5 billion of the passwords added since that time. Cybernews estimates it contains passwords compiled from around 4,000 databases over the past 20 years. (Source: cybernews.com ) ... (view more)

Mon
15
Jan
John Lister's picture

23andMe Blames Victims for Information Hack

DNA and ancestry site 23andMe has told victims of a major hack that it's their fault for not using unique passwords. The claim came in a letter aimed deterring victims from proceeding with a class action case. The site admitted last month that ... almost 7 million customers have been affected by a data breach. Hackers directly accessed personal data including DNA information of about 14,000 people. However, they were able to get some personal data of another 6.9 million people that enabled a feature to share information with potential relatives. Unsurprisingly, this led to legal action from ... (view more)

Thu
01
Jun
John Lister's picture

Amazon Hit By $30 Million Privacy Penalty

Amazon has agreed to pay a total of $30 million in penalties for privacy violations related to its Ring and Alexa devices, according to an announcement by the Federal Trade Commission (FTC). The penalties consist of $25 million for allegedly ... retaining children's data without deletion and $5.8 million for failing to limit employee and contractor access to Ring security videos. (Source: cnet.com ) The settlements do not require Amazon to make any admission of legal wrongdoing. (Source: theguardian.com ) Amazon Accused of Retaining Kid's Data The FTC accused Amazon of preventing parents from ... (view more)

Wed
30
Nov
John Lister's picture

One in 500 Passwords Is '123456'

"Password" and "123456" continue to battle it out for the worst password choice according to two annual studies. While this tells us very little about why users continue to use such weak passwords, there's some mixed news elsewhere. Several ... companies chase headlines each year by publishing lists of the worst passwords, meaning the ones that appear most frequently. The data source is usually a collection of stolen website login databases published online. Sometimes these are stored in plain text while sometimes cyber criminals have successfully cracked decryption. The ... (view more)

Mon
31
Oct
John Lister's picture

Thermal Images Could Reveal Passwords

Researchers say a thermal imaging camera could help crack passwords. It's not exactly a looming threat for the average user, though the study does reinforce the important of longer passwords. The research from the University of Glasgow appears to ... have been inspired by noticing that thermal-imaging cameras are becoming more affordable (less than $220 in some cases) and wondering how they could combine with machine learning. The researchers say they same idea may have struck would-be criminals, so it was worth trying to get one step ahead of them. (Source: zdnet.com ) The project followed a ... (view more)

Thu
19
May
John Lister's picture

Google Offers Hassle-Free Way To Update Leaked Passwords

Google is making it easier to change passwords on an Android device after a security breach. It's automating much of the process through the Google Assistant feature. It works with the saved passwords tool on Chrome, which can automatically fill in ... user names and password fields on websites. The passwords themselves are then stored securely in the user's Google account, which is one of the reasons it's so important to keep the Google password secure. On both desktop and mobile devices, Chrome can already warn users if their saved login details for a particular site is known to have been ... (view more)

Sat
01
Jan
John Lister's picture

LastPass Blunder Causes Security Scare

Users of popular password manager tool LastPass have reported worrying emails that suggest their master passwords have been compromised. LastPass says the emails may have been sent mistakenly and that it has no evidence of any security breach. Like ... most such tools, LastPass let users create a single memorable password, the name coming from the idea it's the "last password" users will ever need to remember. This password is necessary to unlock a private vault of stored encrypted passwords for other sites. One of the big keys to the service is that LastPass itself has no access to the master ... (view more)

Fri
24
Sep
John Lister's picture

Microsoft Makes Password Optional

Microsoft has removed the need for passwords to log in to a Microsoft account. Users can choose from four other options including a dedicated app. A Microsoft account can cover a range of devices and activities including Outlook, Microsoft 365 (the ... online version of what used to be called Office), settings and bookmarks in the Edge browser, Skype calls, online storage in OneDrive and purchases and downloads from the Microsoft Store. It's also the default way to log in to Windows itself for many users, though some setups let users opt for a four-digit PIN code instead. Passwords Bring Dilemma ... (view more)

Pages

Subscribe to RSS - passwords