Hope this isn’t a repeated submission. Funny how they’re trying to deflect blame after they tried to change the EULA post breach.

  • Hegar@kbin.social
    link
    fedilink
    arrow-up
    1
    arrow-down
    2
    ·
    10 months ago

    Credential stuffing attacks will always yield results on a single use website because no one changes passwords on a site they don’t use anymore.

    Launching a feature that enables an inevitable attack to access 500 other people’s info is very clearly the fault of the company who launched the feature.