c0lo writes:
"Reuters reports that security company Hold Security LLC has uncovered stolen log in credentials from some 360 million online accounts that are available for sale on cyber black markets. Some of the more salient points in the article include:
The same source reports the stash was obtained in multiple breaches, but the log in credentials of 105 million accounts may have been taken in a single attack. If confirmed, this would make the largest single breach to date.
Hold Security LLC is the same company that uncovered the Adobe customer data breach in October 2013."
(Score: 5, Interesting) by Anonymous Coward on Thursday February 27 2014, @11:50AM
Companies need to be held criminally responsible for data breaches like these. Designers / administrators who sign off on systems that lose customer data should be personally fined or reprimanded by their professional organizations.
If customer data is a) stolen, and b) not encrypted / salted / etc., then someone was negligent. The web is no longer the wild west; computer security is no longer an academic concern.
(Score: 5, Funny) by c0lo on Thursday February 27 2014, @12:02PM
Believe me, is far more than the wild west.
Want a proof? I can guarantee they didn't have as many individual hookers as there are pr0n sites today.
(Score: 1) by SuperCharlie on Thursday February 27 2014, @01:15PM
My tinfoil hat tells me it is more likely that undisclosed vulnerabilities are used at this scale than sloppy coding/security. The kind that sell on the black market and are hoarded by "other" entities.
(Score: 4, Funny) by bd on Thursday February 27 2014, @02:14PM
My tinfoil hat tells me it is more likely that undisclosed vulnerabilities are used at this scale
Confused here... I thought the hat was intended to make the voices go away?!
(Score: 5, Interesting) by Buck Feta on Thursday February 27 2014, @01:33PM
Who would ever take one of these jobs then?
(Score: 5, Interesting) by SMI on Thursday February 27 2014, @01:40PM
Yeah, really. Eventually the omniscient upper-management, who are responsible for oversight, ought to have to be held accountable. Not any time soon, obviously, but eventually!
(Score: 0) by Anonymous Coward on Thursday February 27 2014, @08:50PM
Not like they usually get to sign off on systems themselves. They're more likely to be told to stuff their paranoia, and just get things done.