Startups Increasingly Targeted With Hacks

ubrgeek writes: Slack, makers of the popular communications software, announced yesterday that they'd suffered a server breach. This follows shortly after a similar compromise of Twitch.tv, and is indicative of a growing problem facing start-up tech companies. As the NY Times reports, "Breaches are becoming a kind of rite of passage for fledgling tech companies. If they gain enough momentum with users, chances are they will also become a target for hackers looking to steal, and monetize, the vast personal information they store on users, like email addresses and passwords."

How is it a "rite of passage"?

[khasim]

They're getting cracked because they're not paying attention to their security.

After resetting users passwords, Twitch initially introduced longer password character requirements, but had to dial back its new 20-character password length requirement to 8 characters after users complained.

Fuck you! If you cannot detect and mitigate a brute force attack then hire someone who can.

Twitch also said it encrypted passwords, but warned that hackers might have been able to capture passwords in the clear as users were logging on.

And make sure you know the difference between encrypted and hashed.

Re:How is it a "rite of passage"?

[OzPeter]

They're getting cracked because they're not paying attention to their security.

But start-ups are all about the most buzz you can generate in the shortest time. You need to get that product out the door ASAP because your competitors aren't going to wait for you to build your secure system first. After all, you're not in the business of security, you're in the business of connecting up the most people and building your community. /sacasm*

*Added because even I thought I was starting to sound like a lean-startup advocate