| ▲ | milesskorpen 5 days ago | |
Does it matter? Wasn't a technical breach of their systems, but instead social engineering. | ||
| ▲ | poemxo 5 days ago | parent | next [-] | |
If a cloud-based system doesn't support technologies that deter social engineering, it's still a problem. Some login portals to check your credit history don't even support 2FA. So I think it matters, I think access systems should be designed with a wider set of human behaviors in mind, and there should be technical hurdles to leaking a majority of customers' personal information. | ||
| ▲ | politelemon 5 days ago | parent | prev [-] | |
It matters. That's often a generic phrasing used to make it look like it was a partner's fault. But very often it is simply a platform that was managed by and configured by the company itself, which would mean more than just social engineering. Take a look at the language used in other breaches and it's very similarly veiled. | ||