Yet Another Security Failure At KPN: Online Personal Accounts Of 120,000 ADSL Users Use Standard Password “welkom01″

July 2012
M	T	W	T	F	S	S
« Jun		Aug »
	1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31

Posted: 2012/07/05 in Education / Awareness, Network Security, Privacy / Data Protection, Stats / reports

And their username is a standard combination of zip code and house number. As another 20,000 ADSL users use that standard username also as their password, the total of easily accessible online personal accounts amounts to 140,000.

Now is there anything interesting to see when logging into that online “self-care” environment of ADSL users?

Well, it presents people with: personal details, bank account number, subscription type and the ability to change the user’s password.

KPN says it has immediately taken the necessary measures to remedy the problem.

Dutch language news article and KPN press release:

http://www.nu.nl/internet/2851746/140000-adsl-accounts-lek-blunder-kpn.html

http://forum.kpn.com/t5/News-stream/KPN-verbetert-inlogbeveiliging-online-self-care-omgeving-voor/ba-p/39987

Previously:

KPN Shuts Down 2 Million Dutch E-Mail Accounts
http://vrritti.com/2012/02/10/kpn-shuts-down-2-million-dutch-e-mail-accounts/

KPN Hacker To Remain In Custody For Another 30 Days
http://vrritti.com/2012/04/05/kpn-hacker-to-remain-in-custody-for-another-30-days/

KPN Makes Mistake Configuring Mailserver: City Of Amsterdam Loses 2 Days Worth Of Incoming E-mails
http://vrritti.com/2012/03/05/kpn-makes-mistake-configuring-mailserver-city-of-amsterdam-loses-2-days-worth-of-incoming-e-mails/

Dutch Government: KPN Hackers Were Able To Manipulate Internet Traffic. Have They Caused Recent Outages?
http://vrritti.com/2012/02/20/dutch-government-kpn-hackers-were-able-to-manipulate-internet-traffic-have-they-caused-recent-outages/

KPN Decides To Outsmart Hackers…By Sending Snail Mail Containing Usernames And Passwords
http://vrritti.com/2012/02/17/kpn-decides-to-outsmart-hackers-by-sending-snail-mail-containing-usernames-and-passwords/

Fastest police investigation ever: Dutch internet users who filed criminal complaints against DPI using providers KPN, Vodafone and T-Mobile received a letter from prosecution authorities that there were no grounds for prosecution and that no suspects could be identified. The letter was received one day after they filed their complaints
http://vrritti.com/2011/08/31/fastest-police-investigation-ever-dutch-internet-users-who-filed-criminal-complaints-against-dpi-using-providers-kpn-vodafone-and-t-mobile-received-a-letter-from-prosecution-authorities-that-there-w/

About these ads

Comments are closed.

vRRitti.com, providing sentiency

Categories

Recent Posts