as we all know, humans are often the weakest part of the security chain.”
Those are the words of Reddit CTO Christopher Slowe, who was quick to play the blame game in a post announcing that Reddit experienced a breach of internal data last week. He explained that the platform was compromised after an attacker sent “plausible-sounding prompts” to employees that redirected them to a website impersonating Reddit’s intranet portal in an attempt to steal credentials. Reddit said users’ data was safe.
Hackers successfully obtained an employee’s credentials, Slowe said, before calling out said employee — who decisively self-reported the incident to Reddit’s security team — as the “weakest link” in the company’s security defenses. (Ironically, Slowe went on to advise users to “update your password every couple of months,” a practice that is no longer recommended by most cybersecurity experts.)
Reddit isn’t alone in pointing the finger following a breach, and many organizations have defaulted to a blame culture when it comes to data security.
Emerging Indian social media app Slick left an internal database containing users’ personal information, including data of school-going children, publicly exposed to the internet for months. Since at least December 11, a database containing full names, mobile numbers, dates of birth, and profile pictures of Slick users was left online without a password. Bengaluru-based Slick launched in […]
Google confirmed it’s putting an end to a feature that allowed users to access playable podcasts directly from the Google Search results in favor of offering podcast recommendations. Officially launched in 2019, the feature surfaced podcasts when they matched a user’s query, including in those cases where a user specifically included the word “podcast” in their search […]
SC Media UK has collected predictions across a range of categories from cybersecurity experts. Here we give you the roundup… What might 2023 bring in term of cyber? Our experts found consensus on a few areas. First, boardroom metrics will become more important as senior execs demand transparency through quantified insights on the company’s security posture. […]
Leave a Reply