Hi
I hope you don’t mind, as I do not want to take this off topic sorry
I think there will be more disclosures still to come
If you think back to the big outage of dns/ssl about a year ago or so, I thought then it was a measured attack to gain access to systems. It was never reported fully why the dns attack took place
Also, I think most companies who have their own it department(s), most do not look after fully their company it. It is mostly outsourced to third parties. We ourselves, look after some top 10 companies hosting needs, and not their it departments
I do believe the web developers have to take some responsibility for breaches. I used to be amazed when seeing a website not closing sessions but not now. There’s more but no time and wrong thread sorry
Divergence, weak passwords, poor routing/firewall control, employees and/or ex employees etc.... all are well known for data breaches. Never mind that their computers maybe infected (inc root kit).
Lastly, I have a file from around 10 years ago, a single file from a breached server, which this 1 very small file, gave full admin/root access to the whole server, and so easy to upload (does not need activating or installing), it just needs to be on a web hosting root level
This is just my thoughts though, so apologies if I’m wrong or posted wrongly. Please feel free to delete
Many thanks
John