dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
8
dave
Premium Member
join:2000-05-04
not in ohio

dave to Snowy

Premium Member

to Snowy

Re: Personal info of 1m compromised in Nationwide breach

Depends how they stole it, I supposed. If they got the database files, sure - encryption would protect it. But if they cracked someone's account and then executed a "legitimate" database listing program, it might obligingly list the plaintext data. Encryption's all very well as long as you don't have the level of access where it gets decrypted for use.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy

Premium Member

said by dave:

Depends how they stole it, I supposed. If they got the database files, sure - encryption would protect it. But if they cracked someone's account and then executed a "legitimate" database listing program, it might obligingly list the plaintext data.

Judging by the timeline of illegal access to discovery (less than 1 day) the hacker wouldn't have had time to have converted up to a million records to plain text but instead just moved a plain text database offsite.