Amazon criticised for security of lost passwords

By
Follow google news

Amazon has been criticised for relying on insecure methods for granting access to its sites after users claimed to have forgotten their passwords.

According to a report by the Financial Times, researchers at the Black Hat conference in Las Vegas showed how users of Amazon's Elastic Compute Cloud (EC2) services were tricked into using virtual machines that could have included ‘back doors' for snooping.

The report claimed that the developments help illustrate why offsite computing power, data storage, and software have not matured to the level that the largest potential clients would require.

However, Simon Abrahams, head of products at EMEA at Rackspace Hosting, claimed that the report should not cause concern about how data stored offsite or in the cloud is less secure, as breaches almost always happen internally.

Abrahams said: “It is quite wrong to say that these developments help illustrate why offsite computing power, data storage and software, have not matured to the level that the largest potential clients would require.

“The issue is not on-premise versus offsite, it is much more about shared versus dedicated. This sort of occurrence only makes the hybrid approach, where customers choose a combination of private and public clouds, depending on the sensitivity of the information, more compelling.”


See original article on scmagazineuk.com


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
amazonbookclouddatalostpasswordsretailsecuritywebsite

Sponsored Whitepapers

Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
The cloud tipping point
The cloud tipping point

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

Telstra used ConnectID impermissibly for months
University of Sydney "online IT code library" breached

University of Sydney "online IT code library" breached
NSW Health clinicians "normalise" bypass of cyber security controls

NSW Health clinicians "normalise" bypass of cyber security controls
UK government was hacked in October, minister confirms

UK government was hacked in October, minister confirms
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?