14 DAY TRIAL // Dutch Internet service provider KPN has rushed to reset the passwords of 140,000 customers, after learning that most of them had failed to change the default ones.
Of a total of 180,000 Z ADSL clients, the accounts of 120,000 were protected by the same password: variations of “welkom1.” Another 20,000 accounts were easy to breach because customers utilized their usernames as passwords, KPN explained.
The accounts in question can be used to perform various operations, including adding or removing services and even changing the Internet connection’s speed.
The issue came to light after KPN was notified by news site Webwereld of a security hole involving the login procedures for ADSL customers.
All the affected individuals received emails containing explanations and detailed instructions for setting more secure passwords. Fortunately, so far, no signs of misuse have been identified.