I just got the email from haveibeenpwned. F Trello.
Obligatory: companies should face harsh penalties for this stuff.
Yes but this wasn’t a data breach. This was a data stuffing incident, meaning they took someone else’s data dump and tried their email and credentials here.
- never use the same username and password in two or more places
- always use MFA, a hard token if you can, like a YubiKey
Do you own a YubiKey?
Have you ever succeeded in getting it to work with anything??
It didn’t work with Gmail, or any other online account I had.
An absolute waste of $$.
Setting up: https://www.yubico.com/setup/yubikey-5-series/
Supported services: https://www.yubico.com/works-with-yubikey/catalog/
Google Accounts (for your Gmail): https://www.yubico.com/works-with-yubikey/catalog/google-accounts/
They do, in the EU. If you fuck up your customer’s data, you’ll face fines consisting of hefty percentages of your yearly revenue!
https://www.enforcementtracker.com/
Yep, hefty. Top 5: 1.2B Meta, 746M Amazon, 405M Meta, 390M Meta, 345M TikTok (all in €).
That’s not what it means to breach an account…
How about “leaked”? I chose “breached” because the title of the mail was “You’re one of 15,111,945 people pwned in the Trello data breach”
But it’s not really leaked either
If the info was not publicly available, I would call that “leaked”.