|
AOL software flaw allows email account access without a password
Incident Date: January 2003 Incident Location: USA A security flaw in American Online’s mail system allowed people to read any user’s email without entering a password. Attackers needed simply to enter an account name. The vulnerability, which was closed January 22, 2003, was linked to a problem with AOL’s international e-mail authentication system. Sensitive information, such as passwords, account numbers, and instant message accounts were exposed. Hundreds of accounts were reportedly compromised before the exposure was addressed. Only AOL employee accounts were spared, because they required a SecurID passcode to use the account. Story Sources Title: AOL security flaw leaves accounts wide open Author: Date: 1/27/2003 Publication: Internet Week Publication Location: USA Publication URL: http://www.cmpnetasia.com/ViewArt.cfm?Artid=18471&Catid=5&subcat=50 Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.
<-- Back to Authentication Story Index |