zlacker

[return to "Checkout.com hacked, refuses ransom payment, donates to security labs"]
1. prodig+47[view] [source] 2025-11-13 10:24:20
>>Strang+(OP)
If i was a customer id be pissed off, but this is as good as a response you can have to an incident like this.

- timely response

- initial disclosure by company and not third party

- actual expression of shame and remorse

- a decent explanation of target/scope

i could imagine being cyclical about the statement, but look at other companies who have gotten breached in the past. very few of them do well on all points

◧◩
2. embedd+ei[view] [source] 2025-11-13 11:54:38
>>prodig+47
> - timely response

Timely in what way? Seems they didn't discover the hack themselves, didn't discover it until the hackers themselves reached out last week, and today we're seeing them acknowledging it. I'm not sure anything here could be described as "timely".

◧◩◪
3. prodig+Do[view] [source] 2025-11-13 12:44:09
>>embedd+ei
I have been doing a self Have I Been Pwned audit and, reading many company blog posts, and it wasn't uncommon to see disclosure months after incidents.
◧◩◪◨
4. embedd+Ep[view] [source] 2025-11-13 12:50:13
>>prodig+Do
Yeah, that sucks, and I wouldn't call those "timely" either. Is your point that "timely" is relative and depends on what others are doing? Personally, "slow" is slow regardless of how slow others are, but clearly some would feel differently, that's OK too.
[go to top]