1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CFAA anti-hacking law applies to using shared password, appeals court said

Discussion in 'Network World' started by RSS, Jul 6, 2016.

  1. RSS

    RSS New Member Member

    Millions of Americans willingly share passwords with family or friends to access devices or accounts, but the Ninth Circuit Court of Appeals considered using a willingly shared password to be covered under the anti-hacking Computer Fraud and Abuse Act (CFAA) law.

    After previously being found guilty, David Nosal appealed since he believed he should not have been found guilty of CFAA as he didn’t actually hack his former employer, Korn/Ferry. Instead, he gained access through passwords that had been voluntarily shared with him by other employees after he left the company and his credentials were revoked.

    But in a 2-1 decision, the federal appeals court may have set a dangerous precedent which could ultimately affect millions of Americans who use a willingly shared password. Password-sharing was not allowed by Korn/Ferry, so Circuit Judge Margaret McKeowin wrote (pdf) that Nosal had acted “without authorization” and therefore falls under the CFAA.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page