Skip to content

A week is a long time in security

by on May 27, 2014

The former Prime Minister, Harold Wilson, once observed that a week is a long time in politics.  The same is also true in IT security.  A week ago, eBay was a trusted brand with a good security reputation:  after all, it had survived the Heartbleed vulnerability scare that affected so many other globally-popular websites.  Now this reputation has been shattered after it revealed that it was the victim of perhaps the biggest security breach ever, with the details of nearly 150 million users stolen by hackers.

It turns out that the only piece of personal information that eBay encrypted was users’ passwords.  The remaining data – names, email addresses, postal addresses, date of birth and so – was stored in plain text on its servers.  All the attackers had to do was compromise the email of a few eBay employees, and they had access to a diamond mine of data that could be used for phishing, cloning identities and other nefarious purposes.

It seems the company applied the same levels of security to the data it held as you’d expect on the laptop of a small rural auctioneer.  The ramifications of this are likely to be felt by eBay for some time.

What’s more, the past week saw Apple’s reputation for security take a severe blow, when it was announced that the iCloud activation lock (which protects iPhones, iPads and other devices if they are lost or stolen) has a fundamental flaw which can be worked around with a simple downloadable tool.  This means thieves can unlock devices and access data on stolen devices at will – until Apple rolls out a fix.  Pentura MD Steve Smith commented on this issue here:  http://www.scmagazineuk.com/apples-icloud-activation-lock-cracked/article/348295/

What a difference a week can make to a company’s reputation.

From → pentura

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: