My money is on some un-upgraded backend/frontend stuff due to "compatibility" and/or lack of budget to hire people to keep things patched and up-to-date.
Blah, when it comes to a target that large, hackers will insert a contractor into the role who can secure the relevant credentials.
This is another reason the remote-work scenario is such an issue - it's so trivial when large numbers of people are working remotely to gain access to secure systems.
This is another reason the remote-work scenario is such an issue - it's so trivial when large numbers of people are working remotely to gain access to secure systems.