> this could happen to any company (yes, it could, even yours - don't try to convince me otherwise)
There's a lot of cognitive dissonance in discussion around this story IMO. Nowadays I assume everyone has been or will be pwned, because no breech surprises me anymore. Any small gap can and will be exploited, and as organisations grow the surface area only gets larger and larger. The only way to truly secure data is to not put it on the internet from the jump. For every breach that's published, there's likely a dozen that we never find out about.
There's a lot of cognitive dissonance in discussion around this story IMO. Nowadays I assume everyone has been or will be pwned, because no breech surprises me anymore. Any small gap can and will be exploited, and as organisations grow the surface area only gets larger and larger. The only way to truly secure data is to not put it on the internet from the jump. For every breach that's published, there's likely a dozen that we never find out about.