Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Researcher finds 100K passwords, user IDs, on IEEE site

Jaikumar Vijayan | Sept. 27, 2012
A Danish graduate student said he was searching for research material on an IEEE FTP server last week when he stumbled upon the usernames and passwords of about 100,000 members of the professional association.

In a statement, an IEEE spokeswoman today said the organization is aware of an incident regarding "inadvertent access to unencrypted log files containing user IDs and passwords."

"We have conducted a thorough investigation and the issue has been addressed and resolved. We are in the process of notifying those who may have been affected," the statement said.

The spokeswoman did not say how the data could be available on a public FTP server, or why it was stored in unencrypted fashion.

An IEEE alert to members ( available here) said that no financial information was exposed as a result of the error.

"However, it was theoretically possible for an unauthorized third party, using your ID and your password, to have accessed your IEEE account," the alert cautioned.

As a precautionary measure, IEEE has terminated access to accounts with current passwords and users will be required to create a new one next time they attempt to log into their accounts, the statement said.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.