Rabbit hole full of hardcoded credentials: Rabbitude expose Rabbit data breach

1 point by martins_irbe 1 year ago | 3 comments
  • yorwba 1 year ago
    Previous discussion on Rabbitude's original posts: https://news.ycombinator.com/from?site=rabbitu.de
    • martins_irbe 1 year ago
      Rabbit Inc.'s recent data breach exposed critical API keys and user data due to hardcoded credentials in their code. Despite awareness of the breach, key security measures were overlooked, risking user privacy and email data. This incident highlights the importance of secure coding practices and proper credential management.
      • reneberlin 1 year ago
        Even more if one is sending out hardware-devices. It's pretty clear that the folks over there came from the Web-world and more frontend than backend and didn't follow industry-wide best practices at all.

        I hope they have a good lawyer, because there will be one that sues, i'm pretty sure.