Geoffrey Huntley recently purchased IBM RS/6000 E20 servers for about ~$20 AUD a server. Booted it up, logged on as the user root with the password root ( ) and got access to the machine.

Instead of finding a clean slate, where all data was wiped, Geoffrey found a system packed with data. Stuck print requests, backup tapes still inserted inside the tape drive, emails, user settings (including passwords, telephone numbers, etc) and a lot of sensitive information that shouldn’t have left the government facilities.

In addition, the computer contained high level source-code for all of the ticket validation machines used on the Sydney transport network (buses and ferries).

Additional details on this matter can be found at: http://www.geoffreyhuntley.com/news/data-security-101/

-

Is your site safe from XSS Attacks? Sign up for Automated Vulnerability Detection Service today!