as we all know, humans are often the weakest part of the security chain.”
Those are the words of Reddit CTO Christopher Slowe, who was quick to play the blame game in a post announcing that Reddit experienced a breach of internal data last week. He explained that the platform was compromised after an attacker sent “plausible-sounding prompts” to employees that redirected them to a website impersonating Reddit’s intranet portal in an attempt to steal credentials. Reddit said users’ data was safe.
Hackers successfully obtained an employee’s credentials, Slowe said, before calling out said employee — who decisively self-reported the incident to Reddit’s security team — as the “weakest link” in the company’s security defenses. (Ironically, Slowe went on to advise users to “update your password every couple of months,” a practice that is no longer recommended by most cybersecurity experts.)
Reddit isn’t alone in pointing the finger following a breach, and many organizations have defaulted to a blame culture when it comes to data security.
Australian software giant Atlassian and Envoy, a startup that provides workplace management services, were at loggerheads on Thursday over a data breach that exposed the data of thousands of Atlassian employees. As first reported by Cyberscoop, a hacking group known as SiegedSec leaked data on Telegram this week that it claimed to have stolen from Atlassian. This […]
Seeking to bring greater security to AI systems, Protect AI today raised $13.5 million in a seed-funding round co-led by Acrew Capital and Boldstart Ventures with participation from Knollwood Capital, Pelion Ventures and Aviso Ventures. Ian Swanson, the co-founder and CEO, said that the capital will be put toward product development and customer outreach as […]
etailed tactical plans for imminent police raids, confidential police reports with descriptions of alleged crimes and suspects, and a forensic extraction report detailing the contents of a suspect’s phone. These are some of the files in a huge cache of data taken from the internal servers of ODIN Intelligence, a tech company that provides apps and […]
Leave a Reply