top | item 45659699

(no title)

timdev2 | 4 months ago

These were accounts that shouldn't have had console access in the first place, and were never used by humans to log in AFAICT. I don't know exactly what they were originally for, but they were named like "foo-robots", were very old.

At first I thought maybe some previous dev had set passwords for troubleshooting, saved those passwords in a password manager, and then got owned all these years later. But that's really, really, unlikely. And the timing is so curious.

discuss

portaouflop|4 months ago

Why keep accounts like this around anyway? Sounds like a breach was just waiting to happen…

Avicebron|4 months ago

A cost center like security? Are you crazy..