My sis works for a web agency. She's worked on some big companies sites and you'd shudder at how much supposedly encrypted data is available to just anyone working in those companies. Most of the big ones use subcontractors to "secure" the data but since nobody there knows anything about technique, they just blindly believe that if they paid a bill for it, job's done so the data is secure, right?
Comment has been collapsed.
Thank god I never bought anything from them. I remember searching for a computer part on their site, I think it was a hard drive or computer case. But I couldn't see how much shipping would cost without creating an account first. I couldn't be bothered so I went elsewhere.
Comment has been collapsed.
This is terrible, but all I can think about is how frantically Linus is probably running around trying to throw a video together
Comment has been collapsed.
76 Comments - Last post 1 hour ago by Reidor
765 Comments - Last post 3 hours ago by grimfandango8888
0 Comments - Created 3 hours ago by PaganFears
43 Comments - Last post 4 hours ago by Qnemes
70 Comments - Last post 4 hours ago by orono
12 Comments - Last post 4 hours ago by orono
17 Comments - Last post 5 hours ago by SeaGoblin
73 Comments - Last post 12 minutes ago by Zarddin
417 Comments - Last post 16 minutes ago by Momo1991
2 Comments - Last post 17 minutes ago by antidaz
2,167 Comments - Last post 22 minutes ago by Khazadson
1 Comments - Last post 23 minutes ago by Taizun
94 Comments - Last post 23 minutes ago by herbesdeprovence
42 Comments - Last post 25 minutes ago by herbesdeprovence
https://www.privacyfly.com/articles/ncix_breach/#three
Anyone who bought hardware from now-defunct NCIX between 2007 and 2017 has personal data exposed. The personal data was stored on hard disk drives unencrypted. Sample, edited pictures in the link above.
"The nciwww file contained 291 tables from their NCIX US store and had multiple versions of the file with data going back to 2007. The version I spent time analyzing was dated between November 2013 to February 2015. All the various versions of the MDF database files had been unencrypted with the last file being dated in 2017 for most of the databases. The nciwww database contained a thousand records from affiliates listing plain text passwords, addresses, names, and some financial data. In another table of information, I found customer service inquiries including messages and contact information. There were also three hundred eighty-five thousand names, serial numbers with dates of purchase, addresses, company names, email addresses, phone numbers, IP addresses and unsalted MD5 hashed passwords. The database also contained full credit card payment details in plain text for two hundred and fifty-eight thousand users between various tables."
Comment has been collapsed.