Slashdot Mirror

← Back to Stories (view on slashdot.org)

Startups Increasingly Targeted With Hacks

Posted by Soulskill on from the waiting-for-the-easy-marks-to-ripen dept.

ubrgeek writes: Slack, makers of the popular communications software, announced yesterday that they'd suffered a server breach. This follows shortly after a similar compromise of Twitch.tv, and is indicative of a growing problem facing start-up tech companies. As the NY Times reports, "Breaches are becoming a kind of rite of passage for fledgling tech companies. If they gain enough momentum with users, chances are they will also become a target for hackers looking to steal, and monetize, the vast personal information they store on users, like email addresses and passwords."

3 of 49 comments (clear)

  1. How is it a "rite of passage"? by khasim · · Score: 4, Insightful

    They're getting cracked because they're not paying attention to their security.

    After resetting users passwords, Twitch initially introduced longer password character requirements, but had to dial back its new 20-character password length requirement to 8 characters after users complained.

    Fuck you! If you cannot detect and mitigate a brute force attack then hire someone who can.

    Twitch also said it encrypted passwords, but warned that hackers might have been able to capture passwords in the clear as users were logging on.

    And make sure you know the difference between encrypted and hashed.

    1. Re: How is it a "rite of passage"? by Anonymous Coward · · Score: 2, Insightful

      Seems users would rather be insecure than secure. Good for them.

      Just because the average job is a retard doesn't mean you have to be. Nothing says you can't use the 20 character password even when everyone else is using an 8 letter one. Their stupidity won't affect you.

      However, there's no excuse for a website doing something like storing passwords in plaintext. That's just fucking stupid.

    2. Re:How is it a "rite of passage"? by OzPeter · · Score: 4, Insightful

      They're getting cracked because they're not paying attention to their security.

      But start-ups are all about the most buzz you can generate in the shortest time. You need to get that product out the door ASAP because your competitors aren't going to wait for you to build your secure system first. After all, you're not in the business of security, you're in the business of connecting up the most people and building your community. /sacasm*

      *Added because even I thought I was starting to sound like a lean-startup advocate

      --
      I am Slashdot. Are you Slashdot as well?