|
|
|
|
|
|
by Khao
5471 days ago
|
|
|
I had this happen at my last company too. We had basically no security except great firewalls and servers configured to let no one pass. Then one day, on server who wasn't properly configured got busted and all our source code (it was an asp website so the source code is on the server) was compromised. From there, the attacker tunneled to our databases, since all the databases used the same password and the default user with all privileges. They were only blocked from being accessed from unknown IPs, but once on the inside of our network, it was easy to access. And I'm sure there are thousand more stories like this that aren't told on the internet because companies are ashamed to admit that they've been hacked. |
|
|