Based on the information available, I'm betting that the leaked source code included connection strings that let someone connect directly to their database and start dropping tables. It's possible that there were other ways in, but this would definitely be the quickest.
What that means is that the database server is not using a whitelist or VPN - it's just right out in the open for anyone with the right credentials to jump in and wreak havoc. This was a big disaster waiting to happen.
As soon as the staff learned that source code had leaked, they should have reacted immediately by changing passwords and limiting database access.
In the FAF thread, when someone pointed out that FA's history of insecurity is no secret and staff should have long ago allocated resources to setting up daily backups and a "full security audit" of their system, Dragoneer naturally passed off the blame to the ImageMadgick exploit. Yes, the same one that he JUST claimed had already been patched before the attack. ¯\_(ツ)_/¯
Based on the information available, I'm betting that the leaked source code included connection strings that let someone connect directly to their database and start dropping tables. It's possible that there were other ways in, but this would definitely be the quickest.
What that means is that the database server is not using a whitelist or VPN - it's just right out in the open for anyone with the right credentials to jump in and wreak havoc. This was a big disaster waiting to happen.
As soon as the staff learned that source code had leaked, they should have reacted immediately by changing passwords and limiting database access.
In the FAF thread, when someone pointed out that FA's history of insecurity is no secret and staff should have long ago allocated resources to setting up daily backups and a "full security audit" of their system, Dragoneer naturally passed off the blame to the ImageMadgick exploit. Yes, the same one that he JUST claimed had already been patched before the attack. ¯\_(ツ)_/¯