Comment by m3047
2 days ago
CISA said “there is no indication that any sensitive data was compromised as a result of the incident.”
Oh wow. Except for those secrets.
2 days ago
CISA said “there is no indication that any sensitive data was compromised as a result of the incident.”
Oh wow. Except for those secrets.
Unfortunately "sensitive" has a specific meaning that they may be being legalistic with. PII, for example, is generally not "sensitive".
Well, "Sensitive" is the second lowest data label. It must all just be above that.
Except for all the leaked data, absolutely no data was leaked.
See the trick is to not consider your data sensitive, no SENSITIVE data was leaked.
There is no data leakage from the application where the front-fell-off, because we towed the data outside the environment.
https://m.youtube.com/watch?v=3m5qxZm_JqM
1 reply →
Willful ignorance. "No indication" meaning they haven't seen any evidence anything was compromised. Could be because they've been working very hard not to look at any evidence or analysis of what happened. "I'm not aware of X" is very different from "X is not true".
They probably don't have systems in place to even detect that data was snorkeled off.
So "no indication" is completely correct.
Didn't RTFA, was any actual secret data or any IOC, log tampering, etc. found?