Plain Text Passwords Revealed in Latest Data Hemorrhage
Hemorrhaging information is never good for a company. After the massive “Heartbleed” scare it seemed logical to assume that businesses across the board would be double and triple checking their security measures and their readiness to combat attacks.
An advisory has been published concerning a data leak that exposes the administrator passwords of 31,964 servers to anyone who runs a simple Internet scan for TCP port 49152. The leak stems from the baseboard management controller (BMC) on Supermicro motherboards. A BMC is a small, always-on computer on the board that lets administrators monitor and control a server out of band, independently of the host operating system: it reports the server’s temperature, power supply voltage, fan speeds and humidity among other things, and it accepts logins with its own administrator credentials.
Continuing with the bad news, the passwords were not even encrypted: the BMC’s web service on port 49152 served a file that held them in plain text, to any client that asked and without requiring a login. Since any BMC whose management interface is reachable from the Internet can be located by scanning for that port, there is no telling how many people have already harvested the passwords.
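The scan the advisory describes is easy to reproduce defensively: an administrator can probe their own address ranges for hosts that answer on TCP 49152 and treat each hit as a board to check and, more importantly, to pull off the public Internet. The following is an added example written for this article, not code from the advisory or from Supermicro. It only tests whether the port accepts a connection and, as a second path, pulls 49152 hits out of existing nmap grepable (-oG) output; it deliberately does not fetch or parse the password file. Function names, the sample nmap output and the 203.0.113.0/29 addresses are constructed for illustration.

```python
# Added example (not from the original article): inventory check for hosts that
# answer on TCP 49152, the port the leaky Supermicro BMC service listened on.
# It reports reachability only; it does not fetch or parse the password file.
# Any host listed should be checked against the vendor firmware version and,
# above all, moved off the public Internet.
import socket
from concurrent.futures import ThreadPoolExecutor
from typing import Iterable, List, Tuple

BMC_LEAK_PORT = 49152  # port named in the advisory; not unique to Supermicro


def tcp_port_open(host: str, port: int = BMC_LEAK_PORT, timeout: float = 2.0) -> bool:
    """Return True if a TCP handshake to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, name lookup failed
        return False


def find_exposed(hosts: Iterable[str], port: int = BMC_LEAK_PORT,
                 timeout: float = 2.0, workers: int = 32) -> List[str]:
    """Probe each host concurrently and return, sorted, the ones with the port open."""
    hosts = list(hosts)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        flags = pool.map(lambda h: tcp_port_open(h, port, timeout), hosts)
    return sorted(h for h, is_open in zip(hosts, flags) if is_open)


def parse_nmap_grepable(text: str, port: int = BMC_LEAK_PORT) -> List[str]:
    """Pull hosts with <port>/open/tcp out of `nmap -oG` (grepable) output.

    Useful when a perimeter scan already exists and only the 49152 hits matter.
    Each port entry has the form port/state/proto/owner/service/rpc/version/.
    """
    exposed = []
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1].split("Ignored State:", 1)[0]
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")
            if (len(fields) >= 3 and fields[0] == str(port)
                    and fields[1] == "open" and fields[2] == "tcp"):
                exposed.append(host)
                break
    return exposed


def start_local_listener() -> Tuple[socket.socket, int]:
    """Open a loopback listener on an ephemeral port so the probe can be
    exercised offline. Returns (server_socket, port); close the socket when done."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


# Constructed sample of `nmap -oG` output (not real scan data).
SAMPLE_NMAP_GREPABLE = """\
# Nmap 7.94 scan initiated as: nmap -p 22,80,49152 -oG - 203.0.113.0/29
Host: 203.0.113.2 ()\tStatus: Up
Host: 203.0.113.2 ()\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///, 49152/open/tcp//unknown///\tIgnored State: filtered (0)
Host: 203.0.113.3 ()\tPorts: 22/open/tcp//ssh///, 49152/closed/tcp//unknown///\tIgnored State: filtered (1)
Host: 203.0.113.4 ()\tPorts: 49152/open/tcp//unknown///\tIgnored State: filtered (2)
# Nmap done -- 8 IP addresses (3 hosts up) scanned
"""

if __name__ == "__main__":
    print("49152 open according to nmap output:", parse_nmap_grepable(SAMPLE_NMAP_GREPABLE))
    srv, port = start_local_listener()
    try:
        print("live probe of loopback listener:", find_exposed(["127.0.0.1"], port=port))
    finally:
        srv.close()
```

An open port is a reason to look at a host, not proof that it leaks: 49152 is used by many unrelated services, so confirm the board model and firmware version before counting it as affected, and treat any board that was reachable from the Internet as one whose passwords may already have been collected.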
The sad part is that businesses were warned of potential problems with the BMCs used in mass-produced servers, and a patch for the problem was even said to have been issued. Unfortunately, the patch requires the BMC firmware to be “flashed”, a firmware update process that is fiddly and can leave a board unusable if it goes wrong. Businesses that store private customer data should still have taken the necessary steps to make sure their information was safe when the problem was first announced 10 months ago. For those whose passwords have already been pulled from port 49152, updating the firmware is not enough on its own: the credentials should be treated as compromised and changed, and the BMC should be moved onto an isolated management network that is not reachable from the Internet, which would have blunted this leak even on unpatched boards.
There is no way of telling when the next data leak will happen, but there are steps everyone can take to reduce the chance of their information being stolen: scan your files daily, keep your security software up to date, back up all your files, watch for reported weak spots in the software and hardware you use, and keep management interfaces such as a BMC off the public Internet. For more information on website security, search “security” on any Website Magazine page.
The port itself is not the tell-tale: 49152 is the first port of the IANA dynamic range, and some 9.8 million Internet-facing devices currently answer on it, the great majority of them not Supermicro BMCs at all. Only the 31,964 servers that actually handed over the password file are known to be affected, so an open port is a reason to check a host, not proof that it leaks.