[HN Gopher] Cyber house of cards - Politicians' personal details...
___________________________________________________________________
Cyber house of cards - Politicians' personal details exposed online
Author : billybuckwheat
Score : 23 points
Date : 2024-05-31 20:59 UTC (2 hours ago)
(HTM) web link (proton.me)
(TXT) w3m dump (proton.me)
| straxsontaran wrote:
| Ah yes, the people in charge of passing new cybersecurity laws
| also sign up for new services with their official email addresses
| and passwords like abc12345!
| wudangmonk wrote:
| The password says it all, they forgot to include an uppercase
| letter.
| Terr_ wrote:
| Worth emphasis:
|
| > The fact that these emails, which are publicly available on
| government websites, are on the dark web isn't a security failure
| by itself. [...] Instead, it shows that politicians used their
| official email addresses to set up accounts on third-party
| websites (which were later hacked or suffered a breach), putting
| themselves and the information they're entrusted to keep safe
| needlessly at risk.
| theginger wrote:
| 1 person's needlessly at risk is another persons essential work.
| UK members of Parliament are very active in their local
| community, their parliamentary email address is the normal one to
| be using for this type of work and may involve needing to sign up
| for things with an email address. When they are following best
| practices and using a unique password then they aren't really
| putting anyone's information at risk. They are at risk from
| phishing attacks simply by having such an email address which is
| publicly available, but that is an accepted and managed risk and
| definitely not needless.
| badrabbit wrote:
| People look at this and think "dumb politicians" but that's not
| the right conclusion. The security teams responsible for
| protecting them are to blame, yes, even for poor password choices
| and drarkweb leaks.
___________________________________________________________________
(page generated 2024-05-31 23:00 UTC)