“As we all know, humans are often the weakest part of the security chain.”
Those are the words of toptechtrends.com/tag/reddit/”>Reddit CTO Christopher Slowe, who was quick to play the blame game in a post announcing that toptechtrends.com/2023/02/10/reddit-says-hackers-accessed-internal-data-following-employee-phishing-attack/”>Reddit experienced a breach of internal data last week. He explained that the platform was compromised after an attacker sent “plausible-sounding prompts” to employees that redirected them to a website impersonating Reddit’s intranet portal in an attempt to steal credentials. Reddit said users’ data was safe.
Hackers successfully obtained an employee’s credentials, Slowe said, before calling out said employee — who decisively self-reported the incident to Reddit’s security team — as the “weakest link” in the company’s security defenses. (Ironically, Slowe went on to advise users to “update your password every couple of months,” a practice that is no longer recommended by most cybersecurity experts.)
Reddit isn’t alone in pointing the finger following a breach, and many organizations have defaulted to a blame culture when it comes to data security.
toptechtrends.com/2023/02/14/security-breach-blame-employees/”>Security breach? Don’t blame your employees by toptechtrends.com/author/carly-page/”>Carly Page originally published on toptechtrends.com/”>TechCrunch