[awesome_dude]

I mean, this is the problem for all companies with sensitive data (ensuring that "ex" employees no longer have access to <stuff>).

Generally it's done via accessing some 3rd party secret storage system where employees need to verify themselves to get access (eg. Vault, or AWS secrets or what have you)

[Dylan16807]

Do you think this breach had anything to do with ex-employees retaining access? That also sounds like solving the wrong problem.

[awesome_dude]

I mean this is posted on this page too.

z> nomilk 8 minutes ago | prev | next [–]

> The hacker claims an outsourced worker was compromised through a $500 bribe Also interesting:

> The hacker claims government IDs were just sitting there for months or even years... I have spoken to people familiar with Discord's Age Verification system, and they said after some period of time Discord will delete (the copies of IDs), but they should be deleting them the second they're done

Source (pinned comment, and 7m20s respectively): https://www.youtube.com/watch?v=NnuyT8FgSpA

reply