NOM is in trouble

So I’ve been surfing around this morning and it seems even Brian S. Brown’s Twitter account has been compromised.

I’ll tell you something I know about account authentication.

Human nature abhors trying to remember a bunch of different passwords. So what people do is one of the following:

a) Use the same password everywhere.
b) Use a munged version of the password by substitution.
c) Use something so obscure that it is normally impossible to remember. But points a & b are what actually get used.
d) Password retention policies are weak in most organizations.
e) Even organizations that enforce password policies have to really enforce complete randomization; otherwise people will simply change one element of the password and use that as their new password.
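The habits in b and e can be caught when a password is changed. The check below is an added example, not part of the original post; the function names, substitution table, threshold and sample passwords are constructed for illustration, and it assumes the change form supplies the current password in plaintext alongside the new one.

```python
# Added example: reject a new password that is the old one with common
# character substitutions or only a couple of characters changed.
# All names, the table and the threshold are illustrative assumptions.

# Map common "munged" characters back to the letters they stand in for.
SUBSTITUTIONS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})


def normalize(password):
    """Collapse case changes and common substitutions to one canonical form."""
    return password.lower().translate(SUBSTITUTIONS)


def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def too_similar(old, new, max_distance=2):
    """True when new is a near-copy of old after normalization."""
    return edit_distance(normalize(old), normalize(new)) <= max_distance


def rejected(old, candidates, max_distance=2):
    """Return the candidates a change form using this check would refuse."""
    return [c for c in candidates if too_similar(old, c, max_distance)]


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real account.
    current = "Sunshine2012"
    tries = ["Sunshine2013", "$un5h1ne2012", "correct-horse-battery"]
    print(rejected(current, tries))
```

Because stored hashes cannot be compared for similarity, a check like this only works at the moment both plaintext values are in hand; it does nothing about reuse of the same password on other sites.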

What this tells me is that not only were NOM’s social media sites hacked, but that the person or group is running wild inside NOM’s infrastructure.

At this point in the game I’m doubtful that there will be any stunning revelations from NOM’s documentation. We’ve already seen their donors, seen their stunning strategy documents. But expect a dump of private emails, and other sundries of that nature.

And NOM can change all the passwords they want to change, but if the hackers who did this are worth their salt, there are backdoors installed on NOM’s systems.

I knew this would eventually happen. There are a hell of a lot of I.T. type folks who also happen to be LGBT and NOM’s actions get them plenty pissed off about things, pissed off enough to do something about it. And clearly someone or a group has had enough of NOM.

4 thoughts on “NOM is in trouble”

  1. My memory isn’t clear on this, but didn’t Anonymous say a few months ago that they were going to go after NOM?

  2. On the other hand I have about 20 passwords, each one unique to the site I attend. And I can never remember any of them; I have to look them up. A nuisance I suppose but it feels safer.
