Conversation
Notices
-
Reading about https://lowendbox.com/blog/digitalocean-customer-billing-data-exposed-in-security-breach/ again brought something to mind.
I'm sure most companies don't keep the full card info around, but instead are given a handle that enables them to charge the card each month without keeping dangerous info around. (Handle is my word for something I surmise exists but have no proof thereof.)
None of the articles I've seen mention the existence of such a thing, and therefore, don't say whether that information was also compromised.
I mention it because I haven't heard anyone talking about having to replace their cards or to cancel and restart monthly #DigitalOcean billing.
One last thing. Historically, when a company is breached, they say "the incident only affected a small subset of our users / customers", then that subset gets larger and larger over time. In some cases, the subset eventually comprises the entire user / customer base.