Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Blind Social Network Exposed User Data: Password Issues and Security Risks

General Esm H446
Blind is a workplace social network that lets employees at various companies discuss sensitive topics anonymously. The company describes it as a safe place where workers can talk about salaries, workplace concerns and employee misconduct without being identified. But Blind recently left a database server unsecured, exposing some of its users' account information, including their corporate email addresses. The data exposure was first reported by TechCrunch, and it was uncovered by a security researcher going by the name Mossab H. The database included user posts and private comments as well as passwords that were stored via the outdated MD5 algorithm. TechCrunch said it was able to unscramble many of those passwords using easily accessible tools. Further, while TechCrunch didn't find any comments or messages linked to email addresses, it did find email addresses, many stored in plaintext, that were linked to members that hadn't yet posted on Blind.

The link for this article located at Engadget is no longer available.