"After internal investigations, it appeared that a hacker was able to obtain acc... | Hacker News

Hacker Timesnew | past | comments | ask | show | jobs | submit

		nnwa on July 22, 2013 \| parent \| context \| favorite \| on: OVH Security Incident "After internal investigations, it appeared that a hacker was able to obtain access to an email account of one of our system administrators." That translates to password reuse, or an insecure password.

jessaustin on July 22, 2013 [–]

...or a client attack, or XSS, or poorly secured tokens, or whatever. If we always blame the user first, we're bound to miss something. Even if the fault were an insecure password, the admin site would still be to blame for not throttling and locking down the account in response to repeated attack.

nnwa on July 22, 2013 | [–]

Fair point Jess.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact