During a security breach, if the vendor’s brand is more popular than you, you say, they are a popular brand, everyone uses them. We couldn’t have known better.
If your brand is more popular than the vendor’s, it is called, you should have known better to not use such unknown brand. Your choice of vendor is your responsibility.
If both you and your vendors are popular, it’s up to the narrative to place blame.
Thats why most large companies still refuse to buy from small brands.
> Google will never call you unprompted to warn you about a security issue.
Users were alerted to the scheme when they realized Google has no functioning customer-facing telephone support.
Hmm. I got a delivery failure notification in my gmail, purportedly from Google. DKIM signed, headers looked legit.
Probably related to this since it had a 'click here to fix' link that went to some aws url.
Of course, since Google never contacts you except when they want to slurp more personal data out of you [1], it was suspicious from the start.
[1] See what happened when I tried to recover an old unused gmail account:
https://news.ycombinator.com/item?id=44952830
Wasnt this a Salesforce database that was breached? I guess if you're a competitor, you dont let any chance to take a shot at your rival pass.
During a security breach, if the vendor’s brand is more popular than you, you say, they are a popular brand, everyone uses them. We couldn’t have known better.
If your brand is more popular than the vendor’s, it is called, you should have known better to not use such unknown brand. Your choice of vendor is your responsibility.
If both you and your vendors are popular, it’s up to the narrative to place blame.
Thats why most large companies still refuse to buy from small brands.
Some more discussion earlier in the month:
Google suffers data breach in ongoing Salesforce data theft attacks
https://news.ycombinator.com/item?id=44812198