Leaky Database Leaves Oklahoma Police, Bank Vulnerable To Intruders (dailydot.com) 16
blottsie quotes a report from The Daily Dot: A leaky database has exposed the physical security of multiple Oklahoma Department of Public Safety facilities and at least one Oklahoma bank. The vulnerability -- which has reportedly been fixed -- was revealed on Tuesday by Chris Vickery, a MacKeeper security researcher who this year has revealed numerous data breaches affecting millions of Americans. The misconfigured database, which was managed by a company called Automation Integrated, was exposed for at least a week, according to Vickery, who said he spoke to the company's vice president on Saturday. Reached on Tuesday, however, an Automation Integrated employee said "no one" in the office was aware of the problem. Vickery was able to retrieve images of various doors, locks, RFID access panels, and the controller board of an alarm system all of which could be previously accessed without a username or password. The database also contained "details on the make, model, location, warranty coverage, and even whether or not the unit was still functional," Vickery said. What's worse is that Automated Integration is far from the only company whose database are left exposed online. "I have a constantly fluctuating list of 50 to 100 similar breaches that need to be reported," he said. "This one just happened to involve a security-related company and government buildings, so it got bumped to the top of my list."
cause it all needs to be easy to access online! (Score:2)
how else will Tina in payroll make her TPS reports!? She has problems sending faxes out, just imagine if she had to follow a rigid security policy insead of just clicking a button on her in-house programmed VBA front end for Access (or excel)!!
{because competent employees are worth less than pretty ones, if you believe the statistics on employment retention and wages earned. we get what we deserve.}
Open Security Standard (Score:2)
Re: (Score:1)
Re: (Score:2)