Comment by patio11
8 years ago
That's also a bad thing, but you can roll creds and check if anyone has exfiltrated data from your various accounts. You can't roll patient identities. There doesn't appear to be any way to figure out which of your HTTPS pages served in last 6 months are presently publicly exposed.
I feel for folks who lost API keys -- really -- but everyone regulated should be in full-on disaster recovery mode right now.
No comments yet
Contribute on Hacker News ↗