Anti-Virus Firm BitDefender Admits Breach, Hacker Claims Stolen Passwords Are Unencrypted

Status
Not open for further replies.

Sloth

Level 5
Verified
Jun 24, 2015
212
Did I read Unencrypted Passwords?

6Y1Ft0S.jpg
 
  • Like
Reactions: tonibalas and Enju

Cch123

Level 7
Verified
May 6, 2014
335
Until the details come out, we cannot confirm that it is Bitdefender's fault for not encrypting passwords. Remember that the hacker said this himself:
The hacker also said that the data they had access to was unencrypted, “Yes they were unencrypted, I can prove it… they were using Amazon Elastic Web cloud which is notorious for SSL [a form of web encryption]problems.

It is implied from this that the flaw was in Amazon's infrastructure.
 

Sloth

Level 5
Verified
Jun 24, 2015
212
Until the details come out, we cannot confirm that it is Bitdefender's fault for not encrypting passwords. Remember that the hacker said this himself:

It is implied from this that the flaw was in Amazon's infrastructure.

Even if the hacker managed to break into Amazon's SSL, Bitdefender is at fault for not encrypting user passwords.

I can't imagine how such big security firms choose to store passwords as plain text. :eek:
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top