|
|
|
|
|
|
by ko_pivot
893 days ago
|
|
|
The way I read the incident post, it almost feels like they aren't talking about the actual `postgres://` uri but some other secret that provides database access indirectly, maybe a backend API that uses a single secret key. I could be wrong, but you'd think the incident report would just say "we leaked the connection string for our internet-reachable database" if that were the case. |
|
|