From: GovInfoSecurity
Grid Regulator Says Company Left Critical Data Exposed for 70 Days
An unnamed U.S. power company has agreed to a record settlement after it was accused of leaving sensitive data exposed online for 70 days in a violation of energy sector cybersecurity regulations.
***
“The data was exposed publicly on the internet for 70 days. The usernames of the database were also exposed, which included cryptographic information of those usernames and passwords,” according to the notice. “Exposure of the username and cryptographic information could aid a malicious attacker in using this information to decode the passwords.”
Leave a Reply