Seriously? WTF?

“Cognizant was not duped by any elaborate ploy or sophisticated hacking techniques,” according to a copy of the lawsuit reviewed by Reuters. “The cybercriminal just called the Cognizant Service Desk, asked for credentials to access Clorox’s network, and Cognizant handed the credentials right over.”

https://www.nbcnews.com/business/business-news/lawsuit-says-clorox-hackers-got-passwords-simply-asking-rcna220313

#CyberSecurity #Ransomware #Hacking #SocialEngineering

  • pdxfed@lemmy.world
    9·
    7 months ago

    The approach to limit complexity and scope in jobs to lower the educational or skill requirements (and transparently by companies resulting compensation) guarantees siloed work. Not only to people have a limited understanding of the work they’re doing and how it connects but they have NO idea what other people are doing, or why–and that’s even within the same department or function.

  • Debby ‬⁂📎🐧:disability_flag:@hear-me.social
    2·
    7 months ago

    @[email protected] Even if a door is unbreakable, the walls might not be.
    Surprisingly, even the best security measures can be easily overcome by simple social engineering. This case should remind us of the importance of including everyone in a security strategy. It is crucial to consistently teach and explain to all employees why security is important and how to implement best practices at every level of a company. Unfortunately, many companies, like Clorox, fail to educate all employees, leaving themselves wide open to social engineering attacks.