Hacker News new | ask | show | jobs
by djsumdog 3079 days ago
It's not a "breach" technically. No malicious person caused the packages to be removed by circumventing authentication/authorization systems. It is a security issue though. A bug and serious security issue, yes, but not technically a breach.
1 comments
jeremyjh 3079 days ago
A breach didn't cause the issue, but there absolutely was a breach in response to NPM's incompetence. https://news.ycombinator.com/item?id=16087126
link