Last week, Yahoo! announced a customer data breach, again illustrating the vulnerability of user identities on widely used services. As reported by GovInfoSecurity, among others, a hacking group called D33Ds posted more than 400,000 usernames and passwords online.
The passwords were apparently stored in plain text and not encrypted, which highlights the need for service providers to implement stronger security practices and better protect user names and passwords.
While we continue to advise users on the ways they can strengthen the security of their personal information, companies storing that information must meet a minimum standard to help them do that. Network security won’t stop every attack, so encryption of personal information should be seen as the first wall of defense.
Comments? Email firstname.lastname@example.org