from the remove-fingers-from-dike-and-type-new-one dept.
bs0d3 writes "In Holland, a major ISP (KPN) has found a major security flaw for their customers. It seems that all customers have had the same default password of 'welkom01'. Up to 140,000 customers had retained their default passwords. Once inside attackers could have found bank account and credit card numbers. KPN has since changed all the passwords of the 140,000 customers with weak passwords. They also do not believe anyone has actually been burglarized since discovering this weak spot in security."