Go Back   nV News Forums > General Forums > Archived News Items

Newegg Daily Deals

Reply
 
Thread Tools
Old 07-13-12, 01:30 PM   #1
News
Registered User
 
Join Date: Jun 2009
Posts: 51,433
Post More user passwords dumped, this time from alleged Billabong.com hack

Hackers dumped another huge cache of stolen passwords, this time exposing what they said are as many 35,000 plaintext passcodes from the website of clothing maker Billabong International.

A post on CodePaste.net claimed 20,000 to 35,000 user names and corresponding passwords were retrieved in the hack of billabong.com. But the post included only 1,435 plaintext user credentials and didn't explain the discrepancy. Australia-based Billabong provides the accounts to customers to make frequent online purchasing more easy. The post also included what it claimed were user names and hashed passwords for MySQL accounts used to administer the site.

The post comes less than 24 hours after the discovery of a separate password dump that affected more than 453,000 accounts for Yahoo's Contributor Network (previously Associated Content). In both cases, Web administrators appear to have stored the passwords in plaintext, a practice that is severely frowned upon in the security profession because it makes life much easier for hackers who gain a foothold into a vulnerable system. With only a little extra work, admins could have used Bcrypt or another modern cryptographic algorithm to scramble the passwords into one-way hashes that can't easily be reversed. The hashes may still be cracked, but if the process is done correctly, the protection buys hacked websites enough time to warn users before their plaintext passwords are circulated.

Read 3 remaining paragraphs | Comments






More...
News is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora KDE 16 Geforce GTX260 and slow gtk applications Rendering NVIDIA Linux 10 07-11-13 08:02 AM
10 (or so) of the worst passwords exposed by the LinkedIn hack News Archived News Items 0 06-06-12 07:20 PM
Mandrake 8.2 first time user... mcortz_2000 NVIDIA Linux 3 09-26-02 02:51 PM

All times are GMT -5. The time now is 09:54 PM.


Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.