The third-party script breach that shook the world
Een technisch complexe, juridisch gevoelige keten van gebeurtenissen omgezet in een narratief dat werkt voor zowel specialisten als niet-specialisten. Gebaseerd op de ICO boetebeschikking, gereconstrueerde tijdlijn en openbare bronnen.
"It happened between August 21 and September 5, 2018. During those 16 days, a sophisticated cyberattack hit the British Airways website and app."
"These credentials were just sitting in a file: unencrypted, in plain text. This is a critical security oversight. It's also a game changer in this story."
"It was happening right under everybody's nose without any disruption of the payment process."
"One tiny weak spot in one of those third party scripts can cause a big security headache."
"What is okay today, might be a security incident tomorrow."