I mean, the official statement admits the attacker was in the system from January 16-21, 2022. During that time, he says they also had access to Slack, Splunk, and Jira. We know they grabbed some sort of AWS keys at least from Slack. Who knows what other sort of info was posted there that they grabbed. Organizations play fast and loose with Slack all the time and not a lot of orgs purge Slack conversations routinely.

Plus with Jira and Splunk, that’s a goldmine of info.

So is that really not a breach?