Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

Former IT contractor convicted for wiping 96 US government databases

⁨73⁩ ⁨likes⁩

Submitted ⁨⁨19⁩ ⁨hours⁩ ago⁩ by ⁨Lemmynated@lemmy.zip⁩ to ⁨technology@lemmy.zip⁩

https://cyberinsider.com/former-it-contractor-convicted-for-wiping-96-us-government-databases/

source

Comments

Sort:hotnewtop
  • floofloof@lemmy.ca ⁨17⁩ ⁨hours⁩ ago

    According to court evidence, the incident began on Feb. 1, 2025, when Muneeb Akhter asked his brother for the plaintext password of a user who had submitted a complaint through the Equal Employment Opportunity Commission’s Public Portal. Sohaib allegedly queried the EEOC database to retrieve the credentials, which were then used to access the victim’s email account without authorization.

    That shouldn’t be possible. Why were they storing passwords in plain text?

    source
    • deadbeef79000@lemmy.nz ⁨15⁩ ⁨hours⁩ ago

      So can tell them what it is when they forget it. Duh.

      source
    • alia@nord.pub ⁨14⁩ ⁨hours⁩ ago

      They’re likely storing hashes. Which you can derive from the password.

      source
      • dabster291@lemmy.zip ⁨7⁩ ⁨hours⁩ ago

        You can’t un-hash a hash back into plaintext, though…

        source
        • -> View More Comments