
©2025 Poal.co


Yeah, that's pretty much my attitude.

Archive: https://archive.today/fki7U

From the post:

>A few years ago, I received a letter in the mail addressed to my then-toddler. It was from a company I had never heard of. Apparently, there had been a breach and some customer information had been stolen. They offered a year of credit monitoring and other services. I had to read through every single word in that barrage of text to find out that this was a subcontractor with the hospital where my kids were born. So my kid's information was stolen before he could talk. Interestingly, they didn't send any letter about his twin brother. I'm pretty sure his name was right there next to his brother's in the database. Here was a company that I had no interaction with, that I had never done business with, that somehow managed to lose our private information to criminals.

[–] 1 pt (edited)

Yep. I've been telling people at my job and prior jobs this shit for years. Also told them to implement heavy-handed DLP, stop all attachments on emails, and zero trust the whole fucking network. Network should just be open internet (with some blocking) and you VPN into everything. The last place I worked for that did it right used STunnels between all their sites, every piece of data was encrypted and the cert server was surrounded by bulletproof glass.

Just this past week, we were reviewing some upcoming changes and one of the junior guys pointed out internal http connections in some change documentation. Thinking it was a typo, he called and we found out it was in fact http. NOT https. And their answer was "no one ever told us to implement http on internal systems". My boss went fucking nuclear livid. Junior cybersec guy stared off into the unknown. I popped a beer for lunch.

[–] 0 pt

Yeah.. Also, for those not in the know, DLP = Data Loss Prevention.

I designed an email system that would auto-scan and catch anything that had PII, attachments, etc. It would then encrypt everything and force you to access it via a portal. This was a long time ago but I was dealing with very sensitive data and with a shit load of morons that could not be fucked to 'tag' an email to be encrypted before sending.

People did not like it. I told them I was keeping the company from being sued. After I left, they ripped it out. They were sued a year later for leaking PII. Fuck em.

[–] 1 pt

>People did not like it. I told them I was keeping the company from being sued. After I left, they ripped it out. They were sued a year later for leaking PII. Fuck em.

That is how it always happens. I kept PCI compliance for a company and two years after I left they were paying a consulting firm $500 an hour to fix this shit I always did. This was mid 2010s so the per hour rate is probably well over $1000 by now.

I think secure portals are the answer. INCLUDING MFA.

[–] 0 pt

My company(s) didn't listen to me. Hired expensive consulting firms that had no fucking clue what they were doing. Fired them, sued them, paid me to do what I told them we should have done in the first place.

I was underpaid and overworked but knew better. Fuck those companies. I hope they are all rotting in hell at this point.