|
|
|
|
|
|
by staticassertion
1800 days ago
|
|
|
In a sane world this would be a company-ending event, or at least seriously impact their stock and C level execs. The idea that: a) User data access is not just allowed but normal (or at least that it was at one point) b) That it's allowed at all so widely c) That (a) and (b) are true despite repeated abuse is absolutely insane. "Nearly every month" is insane. It should be criminal, but it isn't. Sadly, it's all too common for engineers to have way more access than is necessary, though this seems extreme. I see no reason why any engineer, outside of extreme circumstances that should set off alarm bells, should have access to sensitive user data like passwords. It should generally not be the case that direct access of data is needed at all. |
|
|