classic opsec mistake - eviltoast

cross-posted from: https://discuss.tchncs.de/post/10692187

so, the company was Vastaamo. was because it got bankrupt after the breach, and GDPR violations.

the “hacker”(or rather cracker) was extradited from France to Finland.
you can read about how terrible the company’s security was here: https://tietosuoja.fi/en/-/administrative-fine-imposed-on-psychotherapy-centre-vastaamo-for-data-protection-violations

or watch mental outlaw’s video on the matter, or the Wikipedia article on the breach.

now there are several things that shouldn’t have happened (e.g.: don’t do these things on your main OS, have root access disabled, etc.), but I’ll leave that to you experts.

  • Ann Archy@lemmy.world
    link
    fedilink
    arrow-up
    67
    arrow-down
    2
    ·
    edit-2
    10 months ago

    Not exactly an indictment on the hacker as much as it is one on these predatory online psych dealerships.

    Once again we’re seeing deregulations leading to McSolutions that A) are of lower quality, and B) more expensive than what we had.

    • WhoPutDisHere@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      9
      ·
      10 months ago

      Yeah, it felt like the clown man was the company in the first two panels, then it shifts to hacker, then the final few are just confusing. Poor clown man, so many internal conflicts.