Byron Bay data breach victim told to pay Adidas, National Basketball Association $US1.2m by US courts - eviltoast
  • shirro@aussie.zoneOP
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    I wonder if the government and ASIC shouldn’t take a closer look at Paypal as well. According to Ms Luke her account was one of 35,000 Paypal accounts breached in an incident last year and criminals used it to process thousands of transactions over a couple of days.

    • PupBiru@kbin.social
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      i don’t think paypal did much wrong here: the 35k accounts wasn’t really their fault… their “breach” was credential stuffing: criminals trying usernames and passwords from other breaches… there’s not much they can do to fix that except enforce MFA (this is just 1 of many reasons it’s so important!)

      • shirro@aussie.zoneOP
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Yes, optional MFA isn’t good enough for a regulated financial service. That should be mandatory.