[ad_1]
According to the press release, the NKSC will provide all possible assistance in investigating the case and urges individuals whose passwords have been leaked after the release of CityBee customer data to change them as soon as possible.
The information available to the NKSC, although the passwords are encrypted, can be guessed by automatic means. NKSC specialists also encourage changing passwords used not only on CityBee, but also on other accounts.
“Based on available information, passwords are provided in SHA1 format without additional security criteria (” salt “), so they can be automatically guessed and used for unauthorized account access. Preliminary data is preliminary for 2018 says Rytis Rainys, director of NKSC.
Photo by Sigismund Gedvila / 15min / Rytis Rainys
NKSC specialists advise CityBee customers on how to change passwords.
“If you use the same passwords to authenticate in different information systems, we recommend that you change the email immediately. Passwords for emails, social media accounts, other information systems, and consist of at least twelve characters that contain capital letters, lowercase, numbers, special characters. If the system provides that option, use a two-factor authentication service, as it provides greater security “, urges the cybersecurity specialists at NKSC.
15 minutes recalls that on Tuesday night, about 110,000 users of the CityBee car-sharing service registered in Lithuania leaked information.
According to the company, criminals posted consumer data from three years ago on one of the hackers’ favorite forums. In addition to the first names, last names and personal identification codes of some CityBee customers, phone numbers, email addresses, residential addresses, driver’s license numbers and encrypted passwords were also stolen.
Photo by CityBee / From now on it will be possible to park CityBee cars near the commercial city “Urmas”
15 minutes has previously announced that professionals, after evaluating the stolen data and now offered to potential buyers, conclude that customer passwords are easy to crack.
Artūras Orševskis, Director of Technology Consulting at KPMG Baltics, wrote on Facebook: “A poor encryption algorithm was used, as a result of which the vast majority of passwords are cracked. It took me a few hours to generate Citybee Top 10 one-word password database. “
On Tuesday evening, Justice Minister Evelina Dobrovolska discussed the situation with representatives of the police, the State Data Protection Inspectorate (VDAI) and the company that provides the CityBee service.
“It was at the meeting that we assessed the risks, which we considered low enough due to the use of driving licenses or bank card details,” the minister told a press conference.
With this in mind, he said, it is still not recommended that consumers rush to change documents.
[ad_2]
