Hacker News new | past | comments | ask | show | jobs | submit login

Nowadays I tend to trust a company that had a security vulnerability or data breach once and handled it gracefully, rather than a company that says they had no security breach. Making a mistake is only human; Your true test is what you do after you found it.



This!

It's not about the mistake that led to the breach. It's about what you do once you become aware of it as a company, as a team, and as an individual.

I am quite confused about how poor this has been handled by Facebook recently and now Google follows suit.


I agree. I think it is more important when a company is forthright about a breach quickly than the history of breaches. Both Sony and Equifax had large security breaches prior to the large hacks.


So is this an example of a company handling it gracefully? They couldn't tell what the impact was but kept it a secret for 6 months.


Pretty sure he is saying the opposite.


It would make a nice change, if majority did the same.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: