My sis works for a web agency. She's worked on some big companies sites and you'd shudder at how much supposedly encrypted data is available to just anyone working in those companies. Most of the big ones use subcontractors to "secure" the data but since nobody there knows anything about technique, they just blindly believe that if they paid a bill for it, job's done so the data is secure, right?
Comment has been collapsed.
Thank god I never bought anything from them. I remember searching for a computer part on their site, I think it was a hard drive or computer case. But I couldn't see how much shipping would cost without creating an account first. I couldn't be bothered so I went elsewhere.
Comment has been collapsed.
This is terrible, but all I can think about is how frantically Linus is probably running around trying to throw a video together
Comment has been collapsed.
386 Comments - Last post 7 minutes ago by Bum8ara5h
18 Comments - Last post 43 minutes ago by RobbyRatpoison
214 Comments - Last post 1 hour ago by Bentosan
7 Comments - Last post 2 hours ago by lostsoul67
1,736 Comments - Last post 4 hours ago by MBaer
17,148 Comments - Last post 6 hours ago by pivotalHarry
67 Comments - Last post 6 hours ago by JonathanDoe
4 Comments - Last post 1 minute ago by Carenard
165 Comments - Last post 20 minutes ago by DudeNukem
127 Comments - Last post 1 hour ago by Yamaraus
120 Comments - Last post 1 hour ago by kudomonster
154 Comments - Last post 1 hour ago by Patryk0
88 Comments - Last post 2 hours ago by Gozu
322 Comments - Last post 2 hours ago by xXShurraXx
https://www.privacyfly.com/articles/ncix_breach/#three
Anyone who bought hardware from now-defunct NCIX between 2007 and 2017 has personal data exposed. The personal data was stored on hard disk drives unencrypted. Sample, edited pictures in the link above.
"The nciwww file contained 291 tables from their NCIX US store and had multiple versions of the file with data going back to 2007. The version I spent time analyzing was dated between November 2013 to February 2015. All the various versions of the MDF database files had been unencrypted with the last file being dated in 2017 for most of the databases. The nciwww database contained a thousand records from affiliates listing plain text passwords, addresses, names, and some financial data. In another table of information, I found customer service inquiries including messages and contact information. There were also three hundred eighty-five thousand names, serial numbers with dates of purchase, addresses, company names, email addresses, phone numbers, IP addresses and unsalted MD5 hashed passwords. The database also contained full credit card payment details in plain text for two hundred and fifty-eight thousand users between various tables."
Comment has been collapsed.