this post was submitted on 10 Feb 2025
47 points (98.0% liked)
Cybersecurity
6366 readers
19 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Oopsies
Why tf did this employee have the permissions to turn off the entire service? If their job is responding to abuse reports, they do not need that level of privilege.
It's entirely possible the employee had more than one hat and was dabbling in customer service that day. it's not unheard of in the IT field for the buckets to mix when demand states it. Being said the better question is how you could mistake a shutdown/deactivate button as an apply button
apperently cloudflare thought the same as they removed the button from the panel the employee used lmao
And even then, there should be an approval workflow to at least have one more set of eyes review the change before it’s implemented.
Possibly paid by an outside actor to cause a service disruption? Rival company, the government, etc.
First - Hanlon's Razor
Second - that doesn't explain how they had the permission to do that single handedly