Hannaford Brothers Supermarkets didn’t know much about cybersecurity, but then again, most companies don’t. Companies that don’t use a full-time infosec staff rely on security providers to assess their network and provide solutions that fit their size and need, and hopefully, provides protection for them at an acceptable level of risk. Then those companies carry on with what they do best, which is running a business. In Hannaford’s case, that business is selling groceries at a good price.
Hannaford had turned to a company called Rapid7 to secure their network, their webservers, and most importantly, protect their credit card processing information from hackers. When news of the massive data breach reached the home offices of Rapid7, the security company immediately assembled a team of crisis managers to tackle the issue.
No, they didn’t deploy a forensics team to Hannaford to help contain the data breach. Instead, Rapid7 scrubbed all mentions of Hannaford from their client list. Rapid7 obviously didn’t want to be associated with one of the largest dataloss incidents in history, and they certainly didn’t want to sully the name of their flagship appliance, the “neXpose” which is a vulnerability scanning device.
This information is from Attrition.Org, an online security community that has been around since the predawn of the dot-com boom. They have an outstanding article, with screenshots here, where they are much less kind to Rapid7 in light of their cowardly actions.
These shenanigans provide a teaching opportunity.
Fallout 76 isn't the game it used to be when it first came out. Sure,…
Get ready for a wild ride through a galaxy far, far away with the new…
No need to stop for gas. I know Cinco de Mayo was yesterday, but I…
Ever wondered about the link between happiness and gratitude? It's easy to assume that happy…
Watch as artist and Youtuber "Old Things Never Die" restores a vintage USAF GEMINI X-5…
For today’s edition of “Deal of the Day,” here are some of the best deals…