Internet mailbox for 'China's Got Talent' compromised

The internet mailbox for the Chinese version of the Got Talent TV series has been compromised with sensitive information exposed.

Shanghai Daily reported that the mailbox for China's Got Talent was raided and emptied on this week. The raid included 900 emails about the program's detailed running schedules, plans and contestant details, and the production manual of the Got Talent series, which was purchased from Fremantle Media and is valued at around £280,000 (A$487,000).

It claimed that the mailbox was for the use of the Dragon TV's internal employees only, so it had simple passwords for easy communication.

Rik Ferguson, senior security advisor at Trend Micro, commented that the tone of the article, and the concern from Dragon TV, certainly seem to suggest that there may not have been a backup in place.

He said: “For me the most shocking quote from the article is ‘the mailbox was for the use of the Dragon TV's internal employees only so it had simple passwords for easy communication'. So, an internet-facing, shared mailbox contained highly confidential information with simple passwords?

“It seems almost too incredible that the aforementioned combination of circumstances should even occur. If information is sensitive, do not allow access to it from the internet. If information is sensitive do not store it in a shared mailbox, it is impossible to audit effectively, and never use simple passwords, for any reason, ever. If you have a document worth almost half a million dollars, encrypt it.”

See original article on scmagazineus.com