It turns out that Elsevier, who provides the article subscription service, has made user account information public


by

Blogtrepreneur

It has become clear that Elsevier , the world's largest medical and scientific publisher, has kept users' email addresses and passwords open on servers. The cause is that it is 'an artificial setting error'.

Education and Science Giant Elsevier Left Users' Passwords Exposed Online-Motherboard
https://motherboard.vice.com/en_us/article/vbw8b9/elsevier-user-passwords-exposed-online

Elsevier is a publisher of scientific journals and medical journals, and also offers an online subscription service. According to a cybersecurity company 'SpiderSilk', Elsevier has made its own server, including the user's email address and password, accessible to anyone. 'Most of the users were students and university faculty members using the .edu domain distributed by educational institutions,' said Mosad Hassan, Chief Executive Officer of SpiderSilk's security department. Email services and iCloud may use the same password, 'pointed out the danger of this matter.

Data can be displayed using the visualization platform Kibana, and when the news site's Motherboard changed the password registered with Elsevier, the new password was published on the server in an unencrypted clear text It seems that I could confirm that.


By

stokkete

SpiderSilk has provided information to Elsevier about this issue, and the server is already in a protected state. According to Motherboard, Elsevier says, 'The cause is currently under investigation, but human error may have caused the server to be misconfigured. We will also send an email asking the user to reset their account.' I commented that.

By the way, regarding Elsevier's article subscription service, there are some universities that discontinue the contract because they don't like the high subscription fee, and some universities make price reduction requests.

A large number of universities discontinue subscription contracts with articles such as Elsevier, which dislikes too expensive subscription fees-GIGAZINE



Universities demand price reduction in contract negotiations of Elsevier's dissertation reading system which costs 5.7 billion yen in 5 years-GIGAZINE



in Security, Posted by darkhorse_log