|
|
|
|
|
|
by coredog64
748 days ago
|
|
|
Something similar happened at a previous employer. Contractor was hired to do a big data PoC, and they managed to cajole access to a prod data dump for a more impactful demo. They then managed to load all this PII data into an ElasticSearch instance that was open to the internet and was discovered by threat actors. I wouldn’t be surprised to find that something similar happened here, where an unscrubbed prod dataset was shared for a better demo. |
|
|