The third-party script breach that shook the world
Une chaîne d'événements techniquement complexe et juridiquement sensible transformée en un récit qui fonctionne tant pour les spécialistes que pour les non-spécialistes. Basé sur l'avis de sanction de l'ICO, la chronologie reconstituée et les sources publiques.
"It happened between August 21 and September 5, 2018. During those 16 days, a sophisticated cyberattack hit the British Airways website and app."
"These credentials were just sitting in a file: unencrypted, in plain text. This is a critical security oversight. It's also a game changer in this story."
"It was happening right under everybody's nose without any disruption of the payment process."
"One tiny weak spot in one of those third party scripts can cause a big security headache."
"What is okay today, might be a security incident tomorrow."