London Railway System Password Exposed in TV Documentary
Account login credentials for systems operated by the London Railway System were exposed after being conspicuously taped to the top of a monitor at a station featured in a recent BBC documentary, titled “Nick and Margaret: The Trouble with Our Trains,” which aired last week.
The credentials apparently were visible on camera for some 44 minutes of the documentary, which was posted to YouTube and subsequently pulled due to security concerns after the revelation that the password was exposed.
In a bit of irony, the documentary in which the London Railway System credentials were exposed was examining threats to security posed by hackers in which it had been asserted that unauthorized access to critical systems could allow an attacker to cause trains to collide.
To add insult to injury, the password that was exposed was incredibly weak – “Password3″ – raising concerns about the network security protocols at the mass transit authority.
This is not the first such instance of poor password management leading to the exposure of credentials, and most likely will not be the last.
In 2014, the World Cup security center’s internal WiFi passwords for the FIFA World Cup were similarly broadcast on live television, and more recently French TV network TV5Monde exposed multiple account credentials for a number of sensitive systems in a TV interview following a cyber attack that temporarily knocked the station off line.
Once again, the human element proves to be the weakest link in security.