Slashdot Mirror
Equifax Had 'Admin' as Login and Password in Argentina (bbc.com)
Reader wired_parrot writes: The credit report provider Equifax has been accused of a fresh data security breach, this time affecting its Argentine operations. The breach was revealed after security researchers discovered that an online employee tool used by Equifax Argentina was accessible using the "admin/admin" password combination.
Shouldn't you be arrested for this level of breech. If you worked at a bank and it was robbed because the security guard always left a door unlocked that would be considered criminal.
I don't see how a "debug mode" or an accident can get passwords located in the code like that, no matter how horri-bad a dev is.
Oh I can see it, some horri-bad dev write a "Select * from users" because that is the only SQL he knows and then finds a bunch of extra fields in his response. And rather than asking someone or googling about selecting fields he then marks all the rest of the fields as hidden. Out of site, out of mind. Only master haxxor ninjas know how to right click a page and select view source.
Of all tyrannies, a tyranny sincerely exercised for the (supposed) good of its victims may be the most oppressive
this dumbfuckery? Get on it people!
On the bright side Equifax's stock price is plummeting faster than a metric based Mars probe.
I hope they go bankrupt and every corporate board member spends the rest of their lives fighting identity theft. They deserve no less, since now I have to spend the rest of my fucking life fighting identity theft thanks to these assholes.
~X~