Passwords for more than a half million internet connected devices leaked

Even though a set of guidelines for IoT Security Principles has been released it will take some time for them to be ratified and adopted.

In the mean time we can expect to see a these sorts of leaks to continue for some time to come.

What was leaked? The login credentials for over 515,000 servers, home routers and Internet of Things (IoT) smart devices.

According to the leaker:

"the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations."

It's amazing that these devices not only ship with default passwords, but that they NEVER force the user to set a new password upon first use.