Should the Wordpress admin page have been accessible to the world ? Should there have been 2FA ? Was the password guessable ?
“... Cyberattackers used valid login details to access Carphone Warehouse's system through an out-of-date version of content platform Wordpress...”
https://www.reuters.com/article/us-britain-carphonewarehouse-fine/britain-fines-carphone-warehouse-400000-pounds-over-data-breach-idUSKBN1EZ11G
No comments:
Post a Comment