Hey All,

just another reason to shake your head at the ignorance of AOL


Using a combination of trade tricks and clever programming, hackers have thoroughly compromised security at America Online, potentially exposing the personal information of AOL's 35 million users.

The most recent exploit, launched last week, gave a hacker full access to Merlin, AOL's latest customer database application. As a security measure, Merlin runs only on AOL's internal network, but savvy hackers have found a way to break in.
The hack involves tricking an AOL employee into accepting a file using Instant Messenger or uploading a Trojan horse to an AOL file library. When the file is executed, the Trojan horse connects the user who launched it to an Internet relay chat server, which the hacker can use to issue commands on the targeted machine. This allows the hacker to enter the internal AOL network and the Merlin application.

It also states...
These so-called social engineering tactics involve calling AOL customer support centers and simply asking to have a given user's password reset. Logging in with the new password gives the intruder full access to the account.
Is AOL customer support really that dumb ??? aperently .. yes

AOL did not return repeated calls requesting comment for this story.
LOL i wonder why ?

"You see all those commercials saying AOL 8.0 is so secure," said Dan. "If people knew how insecure their data was they probably wouldn't use it."
EXACTLY !

anyways to read the full story for yourself and get a laugh or just shake your head at ignorence you can find it Here