This is a necessary step to regain trust in any breach. Best case scenario it’s just a step on their incident response checklist. Worst case scenario obfuscated credentials, decryption capabilities, or both were exfiltrated. If I leave my data store exposed to the internet with default credentials and someone dumps it, I do need to fix that setup but I also need to prevent them from doing anything in my system with that dump. Yes, there are certainly other things that need to be fixed. No, this is not just a distraction.
deleted by creator
This is a necessary step to regain trust in any breach. Best case scenario it’s just a step on their incident response checklist. Worst case scenario obfuscated credentials, decryption capabilities, or both were exfiltrated. If I leave my data store exposed to the internet with default credentials and someone dumps it, I do need to fix that setup but I also need to prevent them from doing anything in my system with that dump. Yes, there are certainly other things that need to be fixed. No, this is not just a distraction.
Would you settle down over there? We only have this one smoke machine…