Now this? Who’s in charge of Nike’s Cyber Security??
Nike Data Breach Under Investigation as WorldLeaks Claims 1.4TB Theft
https://sentrybay.com/nike-data-breach-investigation/
13 replies (most recent on top)
they hacked a physical drive, we still use them since some excel based reports still sit in those.
I know exactly where it was hacked and how it happened as I raised numerous flags about this while I was employed. Stupid managers were holding unencrypted senstive data there like login passwords for their entire team in case someone called in sick (before okta rollouts)
"will never happen to us, our tech stronk"
effin amateurs
Social engineering will beat even the best security measures especially in companies with a broad mix of tech and non-tech workers.
Change your passwords often, don’t write them down, don’t give out Infra info to people, etc, etc, etc. the list of “just don’t do it” is fairly simple really.
@a4 nailed it
@bg exactly. Nothing major that’s why nobody seeing more about it. Apparel runs. Nothing revolutionary.
@aq They hacked Jordan design/product development for SP27 (or SU, cant remember). Many graphics type of files and presentations in the dump.
Nike simply doesn’t have that much data. There’s a few things it could be if we were talking about the entire company. But each team has their own azure or aws account. And they all do things differently. There’s no standardization. Which means the hack is probably fairly compartmentalized.
I’d bet my bonus someone with access to our media library was popped through social engineering. You can hit 1-2TB with just 10 minutes of 8k video. Sprinkle in whatever jpeg’s you found on their desktop. Then you’ve manufactured a molehill into a mountain and can dream of Nike paying you off to avoid yet more negative press.
Do you think the hackers got the data and thought wtf is this… why is it so disorganized?
I mean, if we can’t use our data in a meaningful way, how are they?
Any wagers if it’s just 1.3 TB of old Nike Fuel Band activity info? And maybe a bunch of meaningless keynotes.
@a6 just because the article is 2 days old doesn’t mean anything. This was from weeks ago. They are late to the party and ship has sailed.
Nike CIS su-ks. They only thing they're good at is creating 10 different okta prompts before you can log in up box or whatever. By then you've forgotten what you were trying to do in the first place 😂
We have employees in ITC that subcontract out their own employment. Of course we have massive data breaches. Lmfao
This is a big fing deal. The rot is all over our user and financial accounts.
@a4 old news? The article is from 2 days ago.
This is old news. Don’t freak out. Nothing really major came from it and if you think cyber security can ensure 100% of stupid people have common sense enough to not get themselves breached then you don’t know anything about technology.
All the best security in the world is nothing compared to someone who lacks decision making. Same people who make their password be p@ssword or 123456.
Why would outsourcing this work overseas have any impact on the overall quality? It’s not like they could have kickbacks for c level execs or anything.
I remember when data safety teams were inhouse and data security was deathly serious. This is the consequence of our Indian subcontractor addiction