All the passwords were stored in Active Directory description fields
A security lapse involving Active Directory has been highlighted, where passwords were stored in description fields. This oversight allowed hackers to easily access sensitive information, leading to a significant ransomware attack. The incident underscores the importance of secure password management practices in organizations.
- ▪Passwords were stored in Active Directory description fields, making them easily accessible to anyone with user access.
- ▪An Initial Access Broker exploited this vulnerability through a phishing campaign, gaining access to the network.
- ▪The hackers used the obtained credentials to delete backups and execute ransomware, affecting over 2000 users.
Opening excerpt (first ~120 words) tap to expand
(function() { let windowUrl = window.location.href; windowUrl = windowUrl.substring(windowUrl.indexOf('?') + 1); let messageElement = document.querySelector('.shareableMessage'); if (windowUrl && windowUrl.includes('code') && windowUrl.includes('expires')) { messageElement.style.display = 'block'; } })(); SECURITY All the passwords were stored in Active Directory description fields It was far too easy for a hacker to get the information Avram Piltch Avram Piltch US editor Published thu 4 Jun 2026 // 06:00 UTC PWNED Welcome back to PWNED, the weekly column where we talk about weak security policies and how to avoid them.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at theregister.
Discussion
0 commentsMore from theregister
