Why Patriot Software’s software was the real problem
Patriot Software has admitted that it failed to secure the passwords of nearly 10 million users.
The software maker admitted it had to change a system that had previously been secure, but said it would be fixing the flaw by the end of the week.
“We’ve made a series of improvements to the way we manage our network and have worked closely with the company that owns our network to make those changes,” said the company in a statement.
“While we have been very sensitive to the privacy and security concerns raised, we are taking immediate action to ensure the passwords and information that are currently on the Patriot Network remain secure.”
The vulnerability was discovered when the company’s internal software was running, and it was patched on Thursday, with the new system being used to encrypt passwords.
The company said it had identified other vulnerabilities in the software and had worked with the FBI, the FBI said.
It added that the changes had not affected its security of the network, nor had the company contacted the US Congress about the vulnerabilities.
“Patriot Software has always been committed to ensuring our software is safe and secure, and we have not made any changes to Patriot Network passwords,” the company said.
“It is our hope that we will be able to fully restore the public trust in the Patriot network by the middle of next week.”
The company was also criticised for its slow response to the problem, with many users not being notified of the problems until a week later.
“The problem is, if we were to have done this yesterday, we would have been out of business within 24 hours,” one user said on Reddit.
“So we can see how this is a big problem for a company that claims to be about user privacy.”
Other users have criticised the company for not responding sooner, as well as a lack of transparency around the problems.
“I just think they are just as responsible as anyone for not fixing the problem,” another user said.
The issue has been raised in a series by social media users, who have criticised Patriot for failing to notify users in a timely manner.
“This was the biggest security vulnerability since the iPhone 5,” one person wrote.
“Now they are going to get caught.”