zlacker

[return to "‘BlueLeaks’ Exposes Files from Hundreds of Police Departments"]
1. voiper+83[view] [source] 2020-06-22 12:04:25
>>itcrow+(OP)
>“Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”

So they are spinning it as a user's fault? Not the fault of Netsential for allowing malicious content to be a problem...

◧◩
2. virapt+g7[view] [source] 2020-06-22 12:44:18
>>voiper+83
The fault is spread though. Sure, the data portal was broken, but if you store secrets which can put people's lives at risk, you have to assume the portal is broken. There should be a number of checks on top of basic authentication and also in the LE network. If they found out about the leak from the leak itself, there are many teams that failed.
[go to top]