"The accounts of millions of AOL subscribers were jeopardized this week due to a serious flaw in the company's Web-based mail system.
The vulnerability stems from an error in one of AOL's international e-mail authentication systems, which granted users access without correctly verifying passwords. By simply entering an account name, an AOL user had the ability to read any other user's e-mail and all personal data contained therein.
Private correspondence suddenly became open for public perusal, and sensitive information such as passwords and account numbers were potentially exposed to prying eyes.
Although AOL plugged the security hole early Wednesday morning, it is unclear at this point how many AOL and AIM accounts have been compromised."
BetaNews
:Q
The vulnerability stems from an error in one of AOL's international e-mail authentication systems, which granted users access without correctly verifying passwords. By simply entering an account name, an AOL user had the ability to read any other user's e-mail and all personal data contained therein.
Private correspondence suddenly became open for public perusal, and sensitive information such as passwords and account numbers were potentially exposed to prying eyes.
Although AOL plugged the security hole early Wednesday morning, it is unclear at this point how many AOL and AIM accounts have been compromised."
BetaNews
:Q