bohemia on Nostr: It is massive, egregious neglect of basic, foundational cybersecurity principles. ...
It is massive, egregious neglect of basic, foundational cybersecurity principles. Least privilege and access control are harped on in the most elementary teachings. I don't know if contracting offshore for handling of PII is the industry norm, but it seems very risky to give unfettered access to people who aren't directly employed. Seems they got too big for their britches, as my grandma would say. It will be interesting to see how they fare after this.
Published at 2025-06-11 17:07:25