|
|
|
|
|
|
by developer1
4017 days ago
|
|
|
Another pain point is the delay from Friday's discovery to Monday's disclosure. While it's better than the sometimes weeks other companies have taken, it screams of the discovery happening at 4pm on a Friday, and everybody then saying "bah fuck it, go home for the weekend, we'll work on it Monday". A security compromise like this should have been made known by Saturday at the latest, and worked on over the weekend. 3 days is a long time for leaked passwords to go unnoticed to users, regardless of the encryption scheme being used. |
|
|
There's a balance between early notification and misstating the impact.