[deleted]

Comments

• floofloof@lemmy.ca ⁨3⁩ ⁨weeks⁩ ago

  According to court evidence, the incident began on Feb. 1, 2025, when Muneeb Akhter asked his brother for the plaintext password of a user who had submitted a complaint through the Equal Employment Opportunity Commission’s Public Portal. Sohaib allegedly queried the EEOC database to retrieve the credentials, which were then used to access the victim’s email account without authorization.

  That shouldn’t be possible. Why were they storing passwords in plain text?

  source

  • deadbeef79000@lemmy.nz ⁨3⁩ ⁨weeks⁩ ago

    So can tell them what it is when they forget it. Duh.

    source
  • alia@nord.pub ⁨3⁩ ⁨weeks⁩ ago

    They’re likely storing hashes. Which you can derive from the password.

    source

    • dabster291@lemmy.zip ⁨3⁩ ⁨weeks⁩ ago

      You can’t un-hash a hash back into plaintext, though…

      source

      • -> View More Comments
• waterSticksToMyBalls@lemmy.world ⁨2⁩ ⁨weeks⁩ ago

  Who ever fired then without removing their credentials and network access is just as guilty.

  source