[–] daskapitalist 0 points 3 points 3 points (+3|-0) ago
Grey's Law in action. Can we start slapping multi-decade prison sentences on every member of Infosec and fine Equifax out of existence? There is no excuse for such shit security on web front ends for PII. Absolutely none. How the hell did these assholes pass an Infosec audit ever? I'd be thrown out on my ass for building an internal web front end for PII that didnt have a keyboard vomit for an admin password, much less one that was accessible to the freaking internet.
No excuse. Hang the diversity hire CSO and toss the entirety of Infosec in prison for decades.
[–] parnellsUprising 0 points 3 points 3 points (+3|-0) ago
TIL - credit freeze
https://krebsonsecurity.com/2017/09/the-equifax-breach-what-you-should-know/
[–] HeavyBeefCurtain 0 points 7 points 7 points (+7|-0) ago
That's the price you pay for having a diversity hire!
[–] cdglow 0 points 10 points 10 points (+10|-0) ago (edited ago)
This is so crazy that I almost can't believe it. Call me nuts, but is this Equifax thing maybe some kind of intentionally engineered distraction?
Even with a possible diversity hire in charge of security, how can a company be this repeatedly incompetent?
[–] [deleted] 0 points 2 points 2 points (+2|-0) ago
[–] daskapitalist 0 points 5 points 5 points (+5|-0) ago
Sufficiently advanced stupidity is indistinguishable from malice. Being a third party bailee that handles PII this way is criminal in many jurisdictions.
[–] captainstrange ago
Is there a legal term for this?
There ought to be a legal term for this.