• Norgur@fedia.io
    link
    fedilink
    arrow-up
    9
    ·
    5 months ago

    Especially with such careless failures. If some employee was tricked through a well-planned social engineering attack, or they used some mega obscure day0 vulnerability, I’d not be happy, but shit happens, I guess. But not sending my phone number when someone just posts some GET command to an API should be a no-brainer…