In late 2014 it emerged Sony Pictures Entertainment had saved thousands of company passwords in a file directory entitled ‘Password’ – which made it nice and easy for the hackers.
This directory, it seems, was loaded with Word documents, Excel spreadsheets, zip files, and PDFs containing thousands of passwords to Sony Pictures’ internal computers, social media accounts, and web services accounts – which again made it nice and easy for the hackers to breach other systems.
Even more unfortunate, in the reporting of this hack, the directory was not even encrypted.
This may sound like basic security 101 but despite all the press and embarrassment this hack has generated, there probably still are companies out there with ‘Password’ written in neon lights in their corporate directories.
This is basic level stuff. For more sophisticated security, think about investing in multi-factor authentication. Without it, a simple breach of user name and password is like handing over the keys to the kingdom.