Accenture data breach

http://www.zdnet.com/article/accenture-left-a-huge-trove-of-client-passwords-on-exposed-servers/

Each server contained a range of different types of credentials, including private signing keys that could be used to impersonate the company, and passwords -- some of which were stored in plaintext.

Vickery said he also found Accenture's master keys for its Amazon Web Service's Key Management System (KMS), which if stolen could allow an attacker full control over the company's encrypted data stored on Amazon's servers.


Sign In or Register to comment.