This post was originally published on this site

The North American Electric Reliability Corporation announced an unidentified U.S. power company will pay $2.7 million to settle charges of poor security practices, Gizmodo reports. The settlement comes after a security researcher discovered more than 30,000 company records were exposed without any form of protection. The data was publicly available for 70 days and contained information including usernames and “cryptographic information� related to those usernames and passwords. “Exposure of the username and cryptographic information could aid a malicious attacker in using this information to decode the passwords,� the NERC filing states. “A malicious attacker could use this information to breach the secure infrastructure and access the internal [critical cyber assets] by jumping from host to host within the network.�
Full Story

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!