Blog article
See all stories ยป

Nyse network data exposed on unsecured server

Another day, another example of sloppy security.

Wired reports that sensitive information about the New York Stock Exchange's network has been lying around on an unsecured server for about a year.

On the server were "directories of files containing logs, server names, IP addresses, lists of hardware, lists of software versions running on the network, and configuration and patch histories (including which patches have not yet been installed)".

All this was available for anyone interested on a publicly accessible, unprotected FTP server maintained by data storage firm EMC.

It appears Nyse knew nothing about the risk EMC was running with its data until Wired got in touch. The two firms have since "discussed" the matter.

Seems pretty poor from EMC, which of course owns security specialist RSA.

4469

Comments: (0)

Matt White

Matt White

North America editor

Finextra

Member since

27 Nov 2006

Location

Toronto

Blog posts

85

Comments

186

More from Matt

This post is from a series of posts in the group:

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...


See all