French energy giant fined $600k for using insecure password hashing function


The French data protection authority (CNIL) has fined the energy company Électricité de France $600,000 for sending commercial marketing emails, collecting data without clarification, and failing to handle requests and store data securely.


Électricité de France (EDF) is a French energy giant with 84 billion euros in turnover and nearly 26 million customers.

The failure to store data securely consisted of using a weak hashing function to protect user passwords. According to CNIL, EDF had at least 25,800 users' passwords protected with a single MD5 hash as recently as July 2022.

"In defense, the company explains that, since January 2018, all registrations or changes to a user password are recorded in the directory associated with the ‘prime energy’ portal in SHA-256 with a random mechanism associated (salting). The MD5 hash only corresponds to the hash level historically implemented by the company […], an EDF subcontractor, and for which only a few thousand accounts were still concerned in April 2021," CNIL said.

MD5 is considered a weak and insecure hashing function that produces only a 128-bit hash value, whereas no one has been able to crack SHA-256 to date.

The company said that since the beginning of 2022, it had carried out a final purge of passwords that were protected using MD5 (3.2% of the total number of "prime energy customers"), and that all passwords are now stored with a salt and a strong algorithm.

"In short, you wouldn't expect any company, let alone an energy sector behemoth like EDF, to use MD5 for any cryptographic purpose at all, let alone for securing passwords," cybersecurity company Sophos said.

The rapporteur also noted that while 11,241,166 account passwords are well-hashed and salted, 2,414,254 account passwords are hashed only without having been salted.

Password salting is a technique to protect passwords by adding a random string of 32 or more characters to each password and then hashing the result.


"The reason for a salt is simple: it ensures that the hash values of potential passwords cannot be calculated in advance and then brought along to help with an attack. Without salting, every time any user chooses the password 123456, the crooks know in advance what its hash would be. Even if the user chooses a more suitable password, such as 34DF6467!Lqa9, you can tell in advance that its MD5 hash will be 7063a00e 41866d47 f6226e60 67986e91," Sophos explained.
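The contrast Sophos describes, as an added illustration that is not part of the article and is not EDF's code: a bare MD5 digest is identical for every user who picks the same password and can be precomputed, while a per-user random salt makes each stored SHA-256 value unique. It also shows the migration step the article alludes to, rehashing a legacy MD5 record the next time its owner logs in, and an audit helper for finding unsalted records. The record layout and the 16-byte salt length are assumptions for the example.

```python
import hashlib
import hmac
import os

def md5_unsalted(password: str) -> str:
    """Legacy scheme from the article: one bare MD5 digest, identical for every
    user who picks the same password, so it can be computed in advance."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def sha256_salted(password: str, salt: bytes = None) -> dict:
    """Salted scheme: a fresh random 16-byte salt per user, stored next to the digest."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.sha256(salt + password.encode("utf-8")).hexdigest()
    return {"scheme": "sha256", "salt": salt.hex(), "hash": digest}

def verify(record: dict, password: str) -> bool:
    """Constant-time comparison of a password against either kind of stored record."""
    if record["scheme"] == "md5":
        return hmac.compare_digest(record["hash"], md5_unsalted(password))
    salt = bytes.fromhex(record["salt"])
    return hmac.compare_digest(record["hash"], sha256_salted(password, salt)["hash"])

def upgrade_on_login(record: dict, password: str) -> dict:
    """Migration step: once a legacy MD5 record verifies, replace it with a salted
    SHA-256 record (login is the only moment the plaintext is available to rehash)."""
    if record["scheme"] == "md5" and verify(record, password):
        return sha256_salted(password)
    return record

def audit(records: list) -> dict:
    """Count records per scheme so leftover unsalted entries can be found and purged."""
    counts = {"md5-unsalted": 0, "sha256-unsalted": 0, "sha256-salted": 0}
    for r in records:
        if r["scheme"] == "md5":
            counts["md5-unsalted"] += 1
        elif r.get("salt"):
            counts["sha256-salted"] += 1
        else:
            counts["sha256-unsalted"] += 1
    return counts

if __name__ == "__main__":
    # Constructed sample store: two users who chose the same weak password.
    store = {"alice": {"scheme": "md5", "hash": md5_unsalted("123456")},
             "bob": {"scheme": "md5", "hash": md5_unsalted("123456")}}
    print(store["alice"]["hash"] == store["bob"]["hash"])  # True: precomputable
    print(audit(list(store.values())))
    store["alice"] = upgrade_on_login(store["alice"], "123456")
    print(store["alice"]["hash"] != store["bob"]["hash"])  # True: salt makes it unique
```

Salted SHA-256 is what the article says EDF moved to; a dedicated password hashing function such as Argon2 or bcrypt is the stronger choice for new systems, but the salt is the point this example isolates.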