as we all know, humans are often the weakest part of the security chain.”
Those are the words of Reddit CTO Christopher Slowe, who was quick to play the blame game in a post announcing that Reddit experienced a breach of internal data last week. He explained that the platform was compromised after an attacker sent “plausible-sounding prompts” to employees that redirected them to a website impersonating Reddit’s intranet portal in an attempt to steal credentials. Reddit said users’ data was safe.
Hackers successfully obtained an employee’s credentials, Slowe said, before calling out said employee — who decisively self-reported the incident to Reddit’s security team — as the “weakest link” in the company’s security defenses. (Ironically, Slowe went on to advise users to “update your password every couple of months,” a practice that is no longer recommended by most cybersecurity experts.)
Reddit isn’t alone in pointing the finger following a breach, and many organizations have defaulted to a blame culture when it comes to data security.
In late April, police in Nebraska received a tip saying 17-year-old Celeste Burgess had given birth to a stillborn baby and buried the body. Officers soon learned that her mother, Jessica Burgess, and a friend had helped her with transportation and burial. The police issued citations for concealing the death of another person and false reporting. But […]
A recent study finds that software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop. The paper, co-authored by a team of researchers affiliated with Stanford, highlights the potential pitfalls of code-generating systems as vendors like GitHub start marketing them in earnest. “Code-generating systems are currently […]
ata breaches can be extremely harmful to organizations of all shapes and sizes — but it’s how these companies react to the incident that can deal their final blow. While we’ve seen some excellent examples of how companies should respond to data breaches over the past year — kudos to Red Cross and Amnesty for their transparency — 2022 has been a […]
Leave a Reply