image credit: freepik
In his testimony before the Senate Committee on Homeland Security and Governmental Affairs, the company’s president and CEO Joe Blount told lawmakers that the hackers had breached their network via a compromised legacy VPN account.
This incident has nearly all the elements of security gone wrong:
- Compromised credentials were found in a list of stolen data
- The account wasn’t protected by multi-factor authentication
- The attackers used a (most probably unmonitored) legacy service to break in
Comments are closed.
