Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Submission + - Dutch ISP discovers 140,000 customers with default password 1

bs0d3 writes: In Holland, a major ISP known as KPN has found a major security flaw for their customers. It seems that all customers have had the same default password of 'welkom01'. Up to 140,000 customers had retained their default passwords. Once inside attackers could have found bank account and credit card numbers. KPN has since changed all the passwords of the 140,000 customers with weak passwords. They also do not believe anyone has actually been burglarized since discovering this weak spot in security.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Dutch ISP discovers 140,000 customers with default password

Comments Filter:
  • As a counter-example, I once worked for an ISP which had originally assigned all its customers randomly-generated *strong* passwords. Five years later, just under half of the customers were still using the strong passwords. I know because I had to migrate all the accounts to an incompatible password system, and John the Ripper could only crack around 60% of them. Lesson learned: Many customers will stick with whatever you give them, even if it's inconvenient.

When a fellow says, "It ain't the money but the principle of the thing," it's the money. -- Kim Hubbard