Earlier this month, a threat actor going by Rose87168 claimed to have breached Oracle Cloud’s federated SSO servers and exfiltrated around 6 million records, affecting over 144,000 Oracle clients. The hacker provided an internal customer list and threatened to sell the data unless clients paid to remove their data from the trove, which included single sign-on credentials, Lightweight Directory Access Protocol passwords, OAuth2 keys, tenant data, and more. Rose87168 has also solicited help from the hacking community to crack the hashed password in trade for some of the data.
CTO and CEO should be jailed for this.
If I fuck up this bad that it actively hurts people, then lie about it and hide it, I go to jail
Same rules must apply to managers and top level.
LOCK THEM UP
Limited liability
Fuck. That. Shit.
If YOUR company commits crimes, you go to jail. You can’t just start peddling fantanyl drugs to little kids and they say oh wow, that sucks, well, it’s an LLC so I’m totally innocent!
In that same way, if your company commits fraud, you need to be locked up
If your lost customer data, including passwords and don’t tell your customers to save money, you get locked up for wilful negligence
Part of being a member of the C suite is always that you get enormous salaries for the enormous responsibility you have. Great, with great responsibility comes jail time if you break the law