It is massive, egregious neglect of basic, foundational cybersecurity principles. Least privilege and access control are harped on in the most elementary teachings. I don't know if contracting offshore for handling of PII is the industry norm, but it seems very risky to give unfettered access to people who aren't directly employed. Seems they got too big for their britches, as my grandma would say. It will be interesting to see how they fare after this.

Discussion

Yeah, though in my limited experience with offshore teams (Indian), they get treated like nuclear spies (frosted glass, no phones in or computers out) over less sensitive data. But that could be because they were somewhat skilled/professional-grade hires. Not so sure how much that would hold for a company called "TaskUs" lol. Sounds like a new Uber service (oh yeah, tastes it is what I'm thinking of ha)

Oh yeah, Taskrabbit* is what I'm thinking of... so many typos lately fml

I was wondering but too overwhelmed with life today lol