undefined | Better HN

0 pointsTobyTheDog1234y ago0 comments

They lost all credibility when they failed to do the one single thing companies trust them to do, on a massive and severe scale, with long-lasting financial repercussions for AT LEAST 250 of the worlds biggest companies (I believe it's more than they're letting on).

0 comments

toomuchtodo4y ago

It is a shame that the new DHS 72 hour reporting requirement was not in effect when this breach occurred, but it is extremely evident why it is required. Regarding business classification, I don't think it's too difficult to argue that commercial identity providers are critical infra.

https://news.ycombinator.com/item?id=30699024

https://www.congress.gov/bill/117th-congress/house-bill/2471...

zwayhowder4y ago

That law is modelled on laws in the EU, Australia and other countries. I know if my employer is one of the affected companies they are in breach of our notification laws.

sofixa4y ago

GDPR already covers this. If companies with EU employees were among the 2.5% ( not unlikely), they should have disclosed this, first to the ICO and customers, then the public.

j / k navigate · click thread line to collapse