My sis works for a web agency. She's worked on some big companies sites and you'd shudder at how much supposedly encrypted data is available to just anyone working in those companies. Most of the big ones use subcontractors to "secure" the data but since nobody there knows anything about technique, they just blindly believe that if they paid a bill for it, job's done so the data is secure, right?
Comment has been collapsed.
Thank god I never bought anything from them. I remember searching for a computer part on their site, I think it was a hard drive or computer case. But I couldn't see how much shipping would cost without creating an account first. I couldn't be bothered so I went elsewhere.
Comment has been collapsed.
This is terrible, but all I can think about is how frantically Linus is probably running around trying to throw a video together
Comment has been collapsed.
335 Comments - Last post 21 minutes ago by DeltaBladeX
56 Comments - Last post 37 minutes ago by spodamayn
46,758 Comments - Last post 1 hour ago by LieEater
15,202 Comments - Last post 1 hour ago by uvi
217 Comments - Last post 1 hour ago by RomchEk
44 Comments - Last post 2 hours ago by Foxhack
46 Comments - Last post 3 hours ago by Ginohax
2 Comments - Last post 28 seconds ago by ThatDave
45 Comments - Last post 14 minutes ago by 86maylin
4 Comments - Last post 14 minutes ago by Tachikoma
30 Comments - Last post 16 minutes ago by LittleBibo1
38 Comments - Last post 22 minutes ago by LittleBibo1
232 Comments - Last post 30 minutes ago by GeoSol
655 Comments - Last post 38 minutes ago by s4k1s
https://www.privacyfly.com/articles/ncix_breach/#three
Anyone who bought hardware from now-defunct NCIX between 2007 and 2017 has personal data exposed. The personal data was stored on hard disk drives unencrypted. Sample, edited pictures in the link above.
"The nciwww file contained 291 tables from their NCIX US store and had multiple versions of the file with data going back to 2007. The version I spent time analyzing was dated between November 2013 to February 2015. All the various versions of the MDF database files had been unencrypted with the last file being dated in 2017 for most of the databases. The nciwww database contained a thousand records from affiliates listing plain text passwords, addresses, names, and some financial data. In another table of information, I found customer service inquiries including messages and contact information. There were also three hundred eighty-five thousand names, serial numbers with dates of purchase, addresses, company names, email addresses, phone numbers, IP addresses and unsalted MD5 hashed passwords. The database also contained full credit card payment details in plain text for two hundred and fifty-eight thousand users between various tables."
Comment has been collapsed.