zlacker

[return to "Checkout.com hacked, refuses ransom payment, donates to security labs"]
1. prodig+47[view] [source] 2025-11-13 10:24:20
>>Strang+(OP)
If i was a customer id be pissed off, but this is as good as a response you can have to an incident like this.

- timely response

- initial disclosure by company and not third party

- actual expression of shame and remorse

- a decent explanation of target/scope

i could imagine being cyclical about the statement, but look at other companies who have gotten breached in the past. very few of them do well on all points

◧◩
2. wallet+v8[view] [source] 2025-11-13 10:34:19
>>prodig+47
> as good as a response you can have to an incident like this.

From customer perspective “in an effort to reduce the likelihood of this data becoming widely available, we’ve paid the ransom” is probably better, even if some people will not like it.

Also to really be transparent it’d be good to post a detailed postmortem along with audit results detailing other problems they (most likely) discovered.

◧◩◪
3. weird-+bf[view] [source] 2025-11-13 11:28:18
>>wallet+v8
Ah yes let's fund literal criminal groups so they have an incentive to keep hacking people
◧◩◪◨
4. wallet+jg[view] [source] 2025-11-13 11:38:21
>>weird-+bf
Completely useless take in the real world where these payments are common, it makes no difference whatsoever if an individual or even vast majority of victims stop paying. Ransomware will remain incredibly lucrative until payments are outlawed.

The cost of an attack like this is in the thousands of dollars at most, the ransom payments tend to be in the millions. The economics of not paying just don’t add up in the current situation.

[go to top]