Data exposed on NYSE server

It has been disclosed that sensitive information about the New York Stock Exchange's computer network was available on a public server. Wired.com discovered the problem and told the NYSE. It included several directories of files containing logs, server names and patch histories, among other pieces of information.

The information was available on a publicly accessible, unprotected FTP server maintained by EMC, a company that sells storage systems and managed services. "We have discussed the matter with EMC and at this point we believe that there has been no impact on our operations or our customers," NYSE spokeswoman Mirtha Medina told Wired.com.

The exposed information could allow an intruder to figure out NYSE's network architecture and identify the system's vulnerability, according to experts. "Leaving information like this in a 'public' place definitely would make a bad guy's job somewhat easier," said an information security specialist in an email to Wired.com.

One of the documents easily available contained a long list of low-level and high-level warnings, some indicating where patches had not yet been installed. If this kind of breach can happen anywhere, could it happen to you? And what can you do to keep your system tightly buttoned?

For more on the NYSE breach:
- check out this Wired.com article

Related Articles:
The high cost of data breaches just got higher
Organized crime heads to cyberspace
What to do after a data breach