Skip Navigation
AMUSING, INTERESTING, OUTRAGEOUS, or PROFOUND @lemmy.world Doug Holland @lemmy.world

City of Columbus sues man after he discloses severity of ransomware attack

arstechnica.com City of Columbus sues man after he discloses severity of ransomware attack

Mayor said data was unusable to criminals; researcher proved otherwise.

City of Columbus sues man after he discloses severity of ransomware attack
2
2 comments
  • Such a bawdy thing as the truth is unfit for polite society.

    • I work in this field. Every client has law counsel. Most of my client update calls include a remediation section, forensics findings, and finally legal. Everyone not employed by the affected client are asked to leave so counsel and client can discuss threat actor negotiations and potential data exposure.

      These portions are not meant to hide info per se, but often to decide how to broach discussing PII or PHI, as well as limiting whether they're going to pay the TA or pursue a 3rd party decryptor.

      I've been tempted to whistleblow on clients before because they're awful, but I've learned that what sometimes feels like retribution might hurt the exposed victims and not the company.

      Anyway, it's not super cut and dry.