According to an employee with knowledge of the system, the password to the Louvre's video surveillance system was simply "Louvre" at the time of the robbery last month.
Not surprising tbh.,I’ve been in a security meeting before where the owner of the company just said outright his password was written in big letters on the outside of the building we were sitting in. Some people really have zero sense for security or just don’t care.
I grew up having to learn everything about network security at home, on a windows PC, in a family with no regard for the concept of internet security because basically the idea didn’t exist yet. I was the one who scrubbed the PC every week and removed the 1300 toolbars and spyware apps, I was the one who had to repair the registry every time a sibling downloaded a file sent to him by a “hot girl” claiming it was a picture of her boobs.
So it’s maddening now working in a company of adult humans who are so bad at safety and security that our workstations have even had their settings menus neutered because everyone is so bad at security. Yesterday someone asked how to install the file they received in email titled “security update, please install asap!” from “rnicrosoft. com.”
One time I got written up for stating that “failing to take cyber security seriously creates a massive potential liability” for the company. Apparently that was “out of line.”
Well you know what else is out of line? Critical infrastructure organizations (i.e. utilities) that don’t take security seriously.
I would really like to see companies held more accountable for their data security. If data gets leaked through some security breach, regardless of the criminality of the perpetrators of that breach, if it contains sensitive data like unhashed passwords, credit card or other personal data, and other potentially even more sensitive stuff (medical, financial), the company that was supposed to secure that data needs to be held liable too.
Any company that stores any of that kind of data, needs to have real security experts on board and listen to them. If you can’t, don’t store that kind of data.
Not surprising tbh.,I’ve been in a security meeting before where the owner of the company just said outright his password was written in big letters on the outside of the building we were sitting in. Some people really have zero sense for security or just don’t care.
I grew up having to learn everything about network security at home, on a windows PC, in a family with no regard for the concept of internet security because basically the idea didn’t exist yet. I was the one who scrubbed the PC every week and removed the 1300 toolbars and spyware apps, I was the one who had to repair the registry every time a sibling downloaded a file sent to him by a “hot girl” claiming it was a picture of her boobs.
So it’s maddening now working in a company of adult humans who are so bad at safety and security that our workstations have even had their settings menus neutered because everyone is so bad at security. Yesterday someone asked how to install the file they received in email titled “security update, please install asap!” from “rnicrosoft. com.”
One time I got written up for stating that “failing to take cyber security seriously creates a massive potential liability” for the company. Apparently that was “out of line.”
Well you know what else is out of line? Critical infrastructure organizations (i.e. utilities) that don’t take security seriously.
I do not miss that dumpster fire.
I would really like to see companies held more accountable for their data security. If data gets leaked through some security breach, regardless of the criminality of the perpetrators of that breach, if it contains sensitive data like unhashed passwords, credit card or other personal data, and other potentially even more sensitive stuff (medical, financial), the company that was supposed to secure that data needs to be held liable too.
Any company that stores any of that kind of data, needs to have real security experts on board and listen to them. If you can’t, don’t store that kind of data.