Exploit: Password Compromise
Mensa: Intellectual Club
Risk to Small Business: 1.827 = Severe
Mensa UK experienced a hack on its website that has resulted in the theft of members’ personal data. The organization had reportedly failed to secure the data of its 18,000 members properly. The stored passwords of Mensa members who accessed the site were not hashed or encrypted in any way, with some sent and stored in plain text, making it a snap for hackers to gain entry. The hackers were able to access and use a Director’s password, to extract an indeterminate amount of information including personal details of members and private conversations conducted on the platform.
Individual Risk: No sensitive personal or financial information was announced as part of this incident, but the investigation is ongoing.
Customers Impacted: 21,000
How it Could Affect Your Customers’ Business: Password compromise is a constant menace for companies that don’t use contemporary safety protocols like multifactor authentication, let alone handling passwords in plain text files.