I doubt they are that rookie about it...
But I do suspect a lot of these "breaches" are inside jobs though.
At the rate they are happening, nobody is held accountable... This is a good value proposition for an enterprising hard working person...
Comment on Ticketmaster breach, beaches in general
Rhaedas@fedia.io 5 months ago
I've come to the conclusion that all these breach notices and the free stuff they offer for X months is a huge scam to get you sign up up for something. Either that, or every company has woefully underpaid/incompetent IT people. I'm waiting for the next news story to break on another company that somehow got passwords or identity info hacked that was stored in plain text...something I learned how to not do back in the 90s with basic HTML and PHP.
I doubt they are that rookie about it...
But I do suspect a lot of these "breaches" are inside jobs though.
At the rate they are happening, nobody is held accountable... This is a good value proposition for an enterprising hard working person...
You can not believe them all you want. It doesn’t magically make everyone competent.
Businesses value MONEY first, not security, not happy customers, not competent staff. MONEY.
Which is cheaper? Get a product working enough to sell. Get a product properly developed, secured, and audited.
Pick one. Hint: cor’orations choose MONEY. Every time.
Your data is not safe, because rich pieces of shit like MONEY more than they like YOU.
ImplyingImplications@lemmy.ca 5 months ago
It’s this one. Cox Communications, one of the largest telecommunications companies in the US with $11 billion in revenue, recently patched a bug on their self-serve portal that allowed anyone to access any customer’s profile. The bug was that server requests weren’t being authenticated. If you entered the right info into the URL bar you’d be given a page with anyone’s customer info. No login needed.
Feathercrown@lemmy.world 5 months ago
That’s comically bad.