top | item 43780841

(no title)

anang | 10 months ago

> Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE related activities and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating.

Explains this:

> why would DOGE be immediately leaking just-granted NLRB login credential

The implication is that the credentials were for more than this specific system. It's entirely feasible that a bad actor would immediately try to vacuum up as much data from as many systems as possible, it's just that this system had a geo block that made it clear this was happening.

I don't think we need to assume that this was a targeted attack on this specific NLRB system, just that this specific NLRB system was the one that caught the attempts.

So, what systems DIDN'T block authentication?

discuss

No comments yet.