HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ackondro

no profile record

comments

ackondro
·قبل 3 سنوات·discuss
I'm not saying this is how it happened, but this is why they may be able to say that. When working with similarly sized companies, I am required to encrypt the files (PGP zip) and transmit over a secure encrypted channel (SFTP). Normally, those companies will use a feature of Moveit to automatically do the PGP encryption/decryption.

However, TJX could have written their security policy such that their Moveit server was not allowed to use that feature, so they used a different piece of software to do the encrypt/decrypt outside of Moveit. Thus, hacking the TJX server would only get a bunch of unencrypted reports and encrypted files with personal info in them. Again, I'm not saying this was what actually happened.