The Mother Of All Government Data Breaches Is Happening Right Now

in #cybersecurity6 years ago

There is another casualty of the government shutdown.

We now have over 200 websites that did not have their SSL certificates updated. This means they are vulnerable to hackers picking up any information transmitted, including social security numbers and passwords.

This is because IT personnel were deemed non-essential by the government. During the shutdown which lasts about a month, the certificates expired. Since the updates were not done, the encryption used is no longer there.

To read full article, click on image.

Sort:  

This is overblown. Connections to these sites are still encrypted. This constitutes a vulnerability, not a breach. If you visit the site your browser can no longer validate the cert, meaning if someone intercepted the communication, they could launch a man-in-the-middle attack. Modern browsers are smart enough to recognize an expired cert and introduce controls to prevent you from going to the site, so if you are worried about it, don't bypass the controls.

About 82.7$ has been spent to promote this content.

You got a 37.33% upvote from @dailyupvotes courtesy of @steemium!

@dailyupvotes is the only bot with guaranteed ROI of at least 1%

Thanks for using @edensgarden!

You got a 66.72% upvote from @joeparys! Thank you for your support of our services. To continue your support, please follow and delegate Steem power to @joeparys for daily steem and steem dollar payouts!