So I just saw the following post on Mastodon from Brian Krebs. No details about the company are given, maybe it is a thought piece.
The post on Mastodon he wrote says:
BrianKrebs: Just notified a company specializing in email security that their internal email — and that of their customers — was sitting out on the web.
Each inbox — whether for company customers or employees of those companies — was viewable just by visiting a link with a web browser and clicking links. Everything was exposed in basically one big file index.
This level of ineptitude is remarkable, and somehow they have a lot of customers (think state/local govs). To their credit, they took everything offline within a few minutes of my notifying them. But their entire business schtick is about how all your email is encrypted and protected and scanned and blah blah. Meanwhile, no it’s not. At all.
I’ll leave it as a thought piece. So, how is this still happening today?
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.