Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Security

Submission + - My IT department wants you to hack my account 1

An anonymous reader writes: I work for a publicly traded company. When I submit tickets to helpdesk, they reply with an automated response which has a link to the ticket. Nothing special there, right? The only thing is, it is a plain http: link, leading to a page that immediately asks for my password. If I add an s after the http, there is not even a listener there. So the only way I can access that page is to send my password in the clear. That server is geographically distant, so I am pretty sure I would be sending my password in the clear over the internet. (And even if it is fully intranet-based, isn't this still a pretty big risk?) Again, it is my IT department which is sending this link. This is not the first company where I have seen this. So I am starting to think that the easiest way for a hacker to compromise a company is actually provided as a service by that company's IT department. How common is this, and how can it possibly be happening? More generally, how safe is my personal data that I provide to corporations, when they may be so astoundingly easy to compromise?

Slashdot Top Deals

The fancy is indeed no other than a mode of memory emancipated from the order of space and time. -- Samuel Taylor Coleridge

Working...