Presently sponsored by: Kolide is an endpoint security solution for teams that want to meet SOC2 compliance goals without sacrificing privacy. Learn more here.

How many different angles can you have on one data breach? Facial recognition (which probably isn't actual biometrics), gambling, offshore developers, unpaid bills, extortion, sloppy password practices and now, an arrest. On pondering it more after today's livestream, it's the unfathomable stupidity of publishing this data publicly that really strikes me. By all means, have contractual disputes, get lawyers involved and showdown in the courts if you need to, but take data in this fashion and chuck it up online and you're well into criminal territory. It's just nuts, and I suspect there's a lot more yet to play out in this saga.

References

1. Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
2. Outabox - where do I even begin with this one?! (that's a link to the tweet thread, stay tuned for more there)
3. Qantas wasn't breached in any sort of malicious fashion, but they've still had a breach (looks like a classic cache key cock-up to me)
4. Did Bandcamp really email people with their passwords mail-merged into where their name should be? (no, but someone accidentally put their password in the username field and it then appeared in the mail merge... which is also funny 🤣)