Full Disclosure mailing list archives
Re: AOL confirms compromise
From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 29 Apr 2014 18:21:17 -0400
On Tue, Apr 29, 2014 at 11:30 AM, Daniel Hadfield <dan () pingsweep co uk> wrote:
http://blog.aol.com/2014/04/28/aol-security-update/
Ouch... Have any details of the "encryption" been analyzed or discussed? Its always interesting to see what a company considers "best practice". Jeff <quote> AOL's investigation is still underway, however, we have determined that there was unauthorized access to information regarding a significant number of user accounts. This information included AOL users' email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information... </quote> _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- AOL confirms compromise Daniel Hadfield (Apr 29)
- Re: AOL confirms compromise Jeffrey Walton (Apr 29)
- Re: AOL confirms compromise Brandon Perry (Apr 29)
- Re: AOL confirms compromise Jeffrey Walton (Apr 29)