Comment by anang
14 hours ago
> Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating.
Explains this:
> why would DOGE be immediately leaking just-granted NLRB login credential
The implication is that the credentials were for more than this specific system. It's entirely feasible that a bad actor would immediately try to vacuum up as much data from as many systems as possible, it's just that this system had a geo block that made it clear this was happening.
I don't think we need to assume that this was a targeted attack on this specific NLRB system, just that this specific NLRB system was the one that caught the attempts.
So, what systems DIDN'T block authentication?
No comments yet
Contribute on Hacker News ↗