IT services giant HCL left employee passwords, other sensitive data exposed online

IT services giant HCL left employee passwords exposed online, as well as customer project details, and other sensitive information, all without any form of authentication, research by security consultancy UpGuard reveals.

An HCL human resources portal published new employee names, usernames and clear text passwords. “The most sensitive stuff was on an HR portal and had a report for new hires, and it was very clearly being actively used,” Greg Pollock, vice-president of product at UpGuard, tells CSO. “Fifty-four people had been onboarded during the time period when I had found this.”

To read this article in full, please click here

Read more: IT services giant HCL left employee passwords, other sensitive data exposed online

Story added 20. May 2019, content source with full text you can find at link above.