+- Red Security (https://redsecurity.info/cc)
+-- Forum: General (https://redsecurity.info/cc/forumdisplay.php?fid=1)
+--- Forum: News (https://redsecurity.info/cc/forumdisplay.php?fid=4)
+--- Thread: News Millions of Utilities Customers’ Passwords Stored in Plain Text (/showthread.php?tid=961)
Millions of Utilities Customers’ Passwords Stored in Plain Text - Mad-Architect - 02-27-2019
![[Image: PowerGridTA-177666221.jpg]](https://media.wired.com/photos/59af419ac6826f54d72b409a/master/w_2400,c_limit/PowerGridTA-177666221.jpg)
In September of last year, a security researcher discovered more than 80 power companies that had been emailing their customer their passwords in plain-text. This is instead of offering a more secure, password reset, as their plain-text email is without any encryption, salt or hash. The number of plain-text passwords that have been emailed to customers, in up in the millions. This is a big problem.
Anyone of these millions of people could be someone important; a government official or someone higher up a sector of the infrastructure. The original person that had investigated this matter, did go about confronting the company about why its lackluster security, and he was re-directed to the company's lawyer, in which he stated that the company's security was just fine.
This unfortunately lead to Mark Cole, the company's General Counsel emailing the researcher and stating that he shouldn't talk to anyone about it, and was to report Mr. Cole only, from now on. It is holes like these; the physical ones, that outweigh the logical ones. Human traits are the worst type of security breach. When you are living in the world where countries are waging an asymmetric war, any holes, regardless of where or what they are, must be sealed.
The stubbornness of this company is telling of where we are. Companies in the infrastructure sector, as well other sectors, need to pay heed to security. These are trying times, on the internet as well as the world, the cyber-world I mean.
Original article can be found here.
That was the news, have a good week, and stay safe out there.
--Mad-Architect