Wednesday, October 26, 2011

90.000 Passwords Astray

Loads of journalists (which makes for a big news coverage) and many others have reported to the police that the password to their email accounts and other accounts have been compromised and published via a Twitter account.

As many as 90 000 or more passwords and so called "hashcodes" (whatever they are) from a hacked site may be in the hands of wrong users.

The passwords to the journalists email accounts were published on the parliamentarian William Petzäll´s Twitter account. Petzäll was formerly a Swedish Democrat - the ultra nationalistic and xenophobe party in Sweden -but was recently kicked out of the party for among other things his excessive drug abuse. He of course claims he is innocent and that his own accounts were hacked also. 

All the lost codes come from a single database that has been hacked.

The news about this has of course led to some panic and we - the users - are now being told what to do and how to create stronger passwords.

In my mind the fault must be placed elsewhere. Of course the users should and must create stronger passwords but the prime responsibility must always rest with the companies that ask us for them without taking the necessary safeguards to protect them.properly and safely.

William Petzälls role in this mess must still be considered "unclear" at the best.


  1. Totally hit the nail on the head there - yes we the lazy user (points at self) *should* think about security for our passwords etc but no, one ABCDE pw does not cause the release of 100k plus others details. Trouble is, even reasonable security costs and companies like to shave those bits. Been there done that. And it only takes one pissed off serf with access to that data to turn around and lose it and wham...system wide open. Been there, been tempted..
    'Legion Of Doom' hackers do indeed exist, but often thats a convenient excuse for totally inadequate internal company systems.
    sirhc, sysadmin(retd)


If you are overtly offensive or go way off topic your comment may be deleted.

If you see an offensive or spammy comment you believe should be deleted, please inform me and I'll be forever grateful and give you my first born (although, you'll probably not want that).