AR Taringa Aug 2017 Hacking (Q10380)

From Open Risk Manual
A data breach risk event

    Statements

    August 2017
    Taringa, a Reddit-like social network website for Latin American users, has suffered a massive data breach in which 28 million accounts of registered users have been stolen. The details of the case indicate an astonishing lapse in best practices. The reported breach at Taringa highlights some fundamental issues, said Andrew Clarke, EMEA director at One Identity, via email. The fact that an administrative file holding passwords was accessible demonstrates little or no control over privileged accounts. Then the passwords were easily cracked, since the company used a weak MD5 (128-bit) algorithm rather than SHA-256. And the user passwords were not enforced by a strategic password policy since, when revealed, the passwords used by the users were fundamentally weak, the most popular password used